Could you help me with my firewall requirement analysis?

Puneet Mehta, SDG

I am working in an IT solution company, and we give customers solutions as per their requirements.

When discussing firewalls -- what do you think are questions that I should ask my customer? If am selling him a Cisco PIX firewall -- how can I get those answers to help me to prepare my BoM. In short how could I size the firewall for the customer?
Requirement analysis plays an important role in determining and recommending any technical solution. Apart from the pricing and budgetary factors, the analysis needs to gather the technical information. The major technical information you need are:

The size of network (Servers, workstations, switches etc.) at the client site.

Network Topology and design.

WAN connectivity- Number of sites connected/ Internet/ Connectivity channel and Pipe size.

Level of security - Basic packet filtering/NAT/PAT/State inspection.

If any security solution already in place?

Appliance or Software based solutions - Both of these have their own benefits.

Network Traffic Analysis- This is another factor which determines the type and size of firewall.

Firewall throughput- Many a times, throughput is also a deciding factor along with security features.

IDS/VPN's and other integrated technologies- Most of the companies now lookout for the solution which can provide them all of these as one solution. For example, a client might want to be able to terminate 100 plus VPN connections with a PIX firewall. This might seem okay as a solution, but could be hard on pricing or performance. Here you can suggest some VPN concentrators which take off load from the PIX.

Level of Support and training.

Product loyalty- This plays an important role. Many companies like to stick with the vendors they have been working with.

Answers to the above mentioned questions should give a fair analysis of the requirements.

Let me know if you need further information.

This was last published in December 2003

Could you help me with my firewall requirement analysis?

Dig Deeper on Network Security Monitoring and Analysis

How does BENIGNCERTAIN exploit Cisco PIX firewalls?

Leaked Cisco security vulnerability found in NSA exploit stockpile

How do I...choose a VPN for my small business?

What network security threat does a QM FSM error pose in IPsec VPNs?

Related Q&A from Puneet Mehta

How do VPN concentrators and network access servers (NAS) differ?

What keeps unauthorized users from accessing my IP address/Internet?

Controlling network access by MAC address restriction on wired networks

SearchUnifiedCommunications

AR and VR in video conferencing offer post-pandemic benefits

Big Tech's uneasy balance of capitalism, censorship

Microsoft slow to fulfill request for more Teams channel control

SearchMobileComputing

Samsung lowers the price of Galaxy phones with S21 line

Qualcomm to buy Nuvia for $1.4 billion

High phone prices driving consumers to the used phone market

SearchDataCenter

Get a template to estimate server power consumption per rack

When the chips are down, Intel turns to VMware's Pat Gelsinger

Intel CEO Bob Swan to be replaced by VMware's Pat Gelsinger

SearchITChannel

Why 2020 may have changed the MSP industry forever

Huntress security platform gets boost from Level Effect EDR

Cloud distributor Pax8 pursues UK growth, tech innovation