A friends friend that i somewhat know is opening a small company. Roughly 15-20 employees at the moment. I was thinking of either getting a 501 since it is a Small Business at the moment and may expend later. He feels that VPN is defiantly a requirement for his outside people so that they can access the main office, etc. Suggestions?
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
PIX 501 or new ASA series for Small Business
- Thread starter Tazman2
- Start date
Go with the ASA 5505, it cost's about the same as the PIX 501, but does a lot more. The below will allow 50 internal hosts and supports up to 10 simultaneous IPSec VPN users.
Part #: ASA5505-50-BUN-K9
Description: ASA 5505 50-User Bundle (Chassis, SW, 50 Users, 3DES/AES)
MSRP: $845
Part #: ASA5505-50-BUN-K9
Description: ASA 5505 50-User Bundle (Chassis, SW, 50 Users, 3DES/AES)
MSRP: $845
Thanks guys! According to CDW.com i see 585.99 for the 50 user and $689.99 for the unlimited user. I don't see them getting to even half that anytime soon in house so i assume the 50 user is fine? They will be doing a bunch of VPN though i believe. Can i upgrade the # of VPNs on the unit after its bought if need be? Thanks again for all the info! 
Yes i noticed that but it didn't change the VPN max as it still remains at 10. Then again i assume thats at ONCE? I'll ask him tonight if thats enough but i'm pretty sure it is.
Updates being firmware, etc. i assume?
PS: I see that the cheaper non onsite one doesn't list software updates/upgrades hmm...
BobSutan
[H]F Junkie
- Joined
- Apr 5, 2000
- Messages
- 12,121
ASA all the way. PIX's are said to be EOL within the next 10-12 months.
You don't need the onsite contract in order to obtain software updates, the SMARTnet product CON-SNTP-AS5B50K9 will give you 24x7x4 and allow you to register this product/contract under your CCO account in order to obtain updates as they are released. This contract retails for $142.00 per year.
Also, you can upgrade your license at a later date, the Unlimited license only applies to internal hosts (as you stated), in order to upgrade the VPN peers you will need to move up to the "Security Plus Bundle". This will give you 25 simultaneous VPN peers, but roughly doubles your cost...
I'm leary of it after the comments I've seen from people in the business. We ran twin 5520's at my previous job, as they were set to phase out our PIX501 and VPN3000 concentrator. For an "all in one" firewall/vpn/ips solution, you can't beat the ASA's imo.
In my case at my new job, I was asked to implement a new VPN setup, because the 3com IPSec setup they had was dropping packets and being a b*tch all day, every day. My boss asked me if I wanted to go Cisco for this and I started doing some digging. After all is said and done, I think Aventail and F5 have their sh*t down with SSL VPN. Not sure what soho/small biz products they offer, but you may want to check into it if the company plans on expanding. I'm going Aventail for our SSl VPN project.
The 5505's will work in remote office situations with minor VPN requirements. That's what they were designed for.