Question : Using Cisco IAD 2430 as Primary Router/Firewall?

We recently got a T1 and VoIP from a big national company everybody's heard of. We also use this "dynamic" T1 for internet access.

In the "telephone wiring room" on the first floor of our building is a Cisco IAD 2430 Business Class Integrated Access Device. A CAT6 cable runs out of it up into a Linksys RV042 router/firewall.

The Cisco 2430 is not doing any filtering I am aware of. It blocks no ports or anything. All of that is done at the Linksys RV042. I've been thinking of replacing the Linksys with a WatchGuard device, but want to explore how this Cisco product fits into the mix before I buy any other hardware.

Question: should I manage inbound (and possibly outbound) using the Cisco? Get rid of the Linksys? I have talked to my service provider's tech/maintenance people who say it is okay with them. I would not presume to mess with this without competent, professional help by somebody who knows CISCO.

It seems to me a shame to not use the Cisco to its full potential.

What are the pros and cons to this? What other roles, if any, can the Cisco play in my organization in terms of security? Is this model related to what I hear called Cisco "PIX"?

http://www.cisco.com/en/US/prod/collateral/voicesw/ps6790/gatecont/ps887/ps5321/product_data_sheet09186a008019aded.html

(I hope this will stimulate some good discussion among you and I plan to dole out the points fairly evenly between up to two or three of you experts if each can provide their own unique perspectives.)

Answer : Using Cisco IAD 2430 as Primary Router/Firewall?

The Cisco IAD is just that - an Integrated Access Device, primarily for Voice access. It is not really designed to be a full fledged router with firewall feature support for access control/NAT, etc. You can upgrade the feature license on it to support some of these features, but they are really "bolt-on's" to the basic features.
My vote would be to keep it as is (don't change what ain't broke). Keep the service provider on the hook for maintenance of this device.

If you want to replace the Linksys, I would suggest the Cisco ASA5505 product unless you are hooked on the Watchguard. The PIX is no longer in production and the ASA is the replacment line of products. It is a full-fledged professional grade firewall/vpn appliance. I just sold 4 new ASA's to a customer who bought Watchguards 3 months ago because the Cisco solution was 'too expensive', but the amount of time and effort they have spent trying to get the Watchguards up and running could have paid the difference many times over. They have sent the Watchguards back to their reseller.

Random Solutions

help, using a gif of flame that follows cursor to burn off page?

Microsoft Exchange OLEDB was unable to register OnSyncSave event for Schema propagation on MDB startup HRESULT = 0x8000ffff.

Slow access to a network drive

Making PIX boot server on fedora8.....??

BCP with Format.xml file - Trying to understand <COLUMN> elements.

sort hash in perl

Need a batch file script/syntax to map a different share using the same/current drive letter. no DFS

Most user friendly Linux

Everything's Gone!

Vpn tunnel with VPN client works fine, but no internet access anymore