|
[Info] question on costHello,
We are looking at having a Cisco VPN firewall installed on a new laptop to provide a VNC connection to a second location. The cost for this firewall is around $5,100. I have little experience with hardware firewalls and no experience with anything of this caliber. Can someone explain to me why it is so costly? |
|
|
What's the exact make / model of firewall you're getting / have purchased?
If this is Cisco Cisco that you've gotten -- not Cisco Small Business, not ex-Linksys By Cisco, then the price tag can simply be explained by "why is any other enterprise piece of kit as expensive?"
Ever take a look what a fully kitted Dell/HP/IBM server costs?
Ever price out what a copy of Windows Server 2K8 costs?
What about software from the likes of Oracle or similar?
If you(r company) picked up Smartnet (Cisco's term for a service contract) as well, that adds to the price as well, but if you want a Five 9's (ie. 99.999%) uptime, then that's what you have to pay.
Does that answer your question?
Regards |
|
|
to DragonLore
said by DragonLore:a Cisco VPN firewall installed on a new laptop Do you mean a VPN client? Have you considered "cloud VPN" options like Pertino, or maybe an even simpler option like Team Viewer. It all depends on exactly what the requirements are. From my very recent experience (check posts from the last 7 days from me) you will discover that the Cisco ASA devices are a steep learning curve. I'm very comfortable with Cisco command Line and router and switch config but some of the ASA config has me baffled! And don't think the GUI (called ASDM) makes life easier. It doesn't. BUT you may find that hardware firewalls from other vendors are equally complex to learn and get running well, especially if this is required quickly. On the back of my recent ASA experience I am going to look again at the Meraki MX series firewalls. |
|
BinkVillains... knock off all that evil join:2006-05-14 Colorado |
to DragonLore
While shiny new Cisco hardware is nice and has lots of bells and whistles, if all you need to do is provide a single workstation with secure access to the screen of another remote workstation, like markysharkey said, there are cloud-based options that will readily allow you to do this without a large up-front capital expenditure. That said, you could also just use open source to provide VPN connectivity or simply use SSH forwarding. |
|
1 edit |
to HELLFIRE
The quote we received is to: Provide and set up a new backup laptop Provide and install Cisco VPN firewall Program VPN to VNC connection to allow for secure remote connection to our water treatment plant
I myself will have no direct contact with this piece of equipment - I'm just evaluating the proposal, and need to understand why it is so expensive. Will there be a service contract? Yes. And we need the "guaranteed" uptime.
It is my understanding that public infrastructure such as water treatment facilities are required to have strong system security - and so it should be - and that the requirement will be intensified next year. But what I don't get is what this $5K firewall provides security-wise that more reasonably-priced firewalls don't.
Edit: The quote doesn't list the exact make/model - I will certainly be requesting that information! |
|
BinkVillains... knock off all that evil join:2006-05-14 Colorado |
Bink
Member
2014-Jul-25 12:59 pm
said by DragonLore:But what I don't get is what this $5K firewall provides security-wise that more reasonably-priced firewalls don't. Cisco name brand, enterprise-class hardware and a tons of functionality you will likely not use. |
|
|
said by Bink:Cisco name brand, enterprise-class hardware and a tons of functionality you will likely not use. Bah! |
|
|
to DragonLore
Not to rag on OSS soft/hardware, but given this is public infrastructure (water treatment plant), there's a bunch of regulatory and standards crap you're subject to. Offhand, FIPS-140 comes to mind, and Cisco Cisco most definately has this certification.
My 00000010bits
Regards |
|
|
to DragonLore
It hinges on the make/model of Firewall and the licencing that will be installed. If it's 5520 with SecPlus, 24x7 Smartnet and a profesional bespoke config to suit your organisation, I reckon 5K is totally acceptable. |
|
|
said by markysharkey:and the licencing that will be installed This refers to number of users? |
|
|
Nope. Feature sets. An ASA doesn't have all features enabled by default. You need to buy licencing privileges to the sort of connectivity you want. There are licences for VPN connectivity or number of security contexts and many other options. Security Plus is probably the most common licence used as it includes almost everything as far as I recall. But it's a cost option, not free. Same goes for many Cisco routers, especially if you want access to IOS embedded security features. |
|
|
|
Thank you. That is very helpful information. |
|
1 recommendation |
Don't thank me yet. Cisco licencing gives me more headaches than ANYTHING else! |
|
|
to DragonLore
...just as a though, see if you can't get a price breakdown sheet of what they're going to charge. Equipment-wise, there are sources you can use to compare the price. Dollars to donuts though, where they're dinging you is the old adage of "$10 for hitting the engine, $90 for knowing WHERE to hit the engine."
Let us know how this goes and/or if there's anything else we can help you with.
Regards |
|