[c-nsp] Hardware for 'managed firewall'
Eric Helm
helmwork at ruraltel.net
Wed Sep 30 08:05:01 EDT 2009
Dave Weis wrote:
>
> On Wed, 30 Sep 2009, David Hughes wrote:
>> On 30/09/2009, at 7:08 AM, Dave Weis wrote:
>>> On Tue, 29 Sep 2009, Christopher Hunt wrote:
>>>> As I painfully discovered, the Cisco ASA in Multiple Context mode
>>>> does not support IPSEC VPN clients nor L2TP3 tunnels
>>>
>>> That's a pretty big omission! Any ETA to add that capability?
>> Yeah, they've never supported VPN in multi-context mode. Major pain.
>> And if you are a dense hosting provider the 50 context limit (and
>> limited performance) of a 5540 for example doesn't work too well.
>> These issues made us look around again and J-Vendor's boxes are making
>> the ASA's look a bit ordinary.
>
> I never enjoyed working on the netscreens. I suppose if each virtual
> firewall customer could get the same awkward web interface for self
> provisioning it could be made to work.
>
Have a look at the new SRX platform... its JUNOS based and there are
models that could well support a SP managed firewall service.
/Eric
More information about the cisco-nsp
mailing list