[c-nsp] NAT on ACE
Pavel Lunin
plunin at gmail.com
Mon Apr 13 08:27:05 EDT 2009
Hi experts,
Who thinks what about an idea of using Cisco ACE module for 6500/7600 as
a NAT device for a huge enterprise network?
I am looking for a device which would be capable to NAT traffic for a
network of several thousand desktops + an enterprise-scale data center:
up to 5 Gbps of traffic totally. Local sales say it is a nice idea to
use ACE. The price is also very attractive in compare with any classic
stateful firewall solution. But I myself have absolutely no experience
with ACE and am also afraid nothing goes free. At least in Cisco world :)
Skimming through Cisco's datasheets it seems like ACE is rather a kind
of load balancer, SSL accelerator, L7 proxy, etc. This functions are
usually done in software. However ACE's NAT capabilities, announced by
the vendor, should require lots of expensive hardware, just as any
firewall does.
So where is the trick? Does anyone have real life experience with NAT on
ACE module? Should we go there? Let's assume we don't need any other
firewall features, only NAT.
Thank you.
--
Kind regards,
Pavel
More information about the cisco-nsp
mailing list