WatchGuard Firebox X1000 or Cisco PIX 515E
I'm looking into either implementing two WatchGuard Firebox X1000 w/ 3-port upgrade and High Availability support or two Cisco PIX 515E's w/ Failover Mode. Two 100mbps CAT5 drops will be dropped into my cabinet.
Cost and firewall throughput are two of the major deciding factors. The WatchGuard Firebox X1000 solution will cost me approximately $6000CDN to implement and the Cisco PIX 515E solution will run me into $9000CDN approx. to implement.
The Firebox X1000 has a firewall throughput of 225mbps (allows me to fully utilize my 200mbps connection) and handles 200,000 concurrent sessions whereas the Cisco PIX 515E only has a throughput of 188mbps (lost 12mbps) and handles only 130,000 sessions. I'm not really sure if spending $3000CDN more on a Cisco solution that provides lower throughput/sessions is worth it.
I've read that many people who have implemented the older Firebox solutions have had many problems with their systems. I've read things like random lock-ups, crashes etc...
Have these problems been resolved in the X-series and can anyone presently using this solution in production please provide their insight? How well does it stand up to DDoS attacks?
According to WatchGuard's Press-releases and Google News, the Firebox X seems to be slowly entering the spotlight as several high-profile organizations/companies (US 9-11 commission, Linen 'n Things and American Cancer Society to name a few) are starting to utilize it.
Any ideas on where I should go from here? It's quite mind-boggling since both solutions have their positives and negatives.
Thanks for your time, I greatly appreciate it!
Dave
