a) got a diagram of your existing setup
b) what is the actual make / model of devices in your existing setup?
Generally speaking :
1) you can seperate the functions of "router" (moving packets between two or more layer3 networks) and "firewall"
(general stateful connection monitoring, etc) if you so want, or keep them seperate -- it all depends on your needs.
2) firewall types break down as follows :
- static packet filter
- application proxy
- stateful inspection
- UTM / "Next Gen Firewall"
All have their pros and cons, again it all comes down to what you need and what you pay for. As RyanG1
to, ASA firewalling and IOS firewalling are two different beasts entirely, and support a different set of functions.
Also be aware of the world outside of Cisco -- heresy to speak of this here, I know -- but if you compare Cisco's firewall
products to stuff from other vendors, like Juniper, Fortinet, etc. you can see some of the features delta present there
3) is this for a home or office, or even an enterprise setup? Again, it comes down to the requirements.
Some books I'd recommend if you want further reading is as follows are this one
, this one
and this one
if you want some
well rounded information and exposure to firewalls and firewall types from various manufacturers.