i need to get one of these running, i have platinum management, and i am giong to use my included management hours to have SM techs install one of these firewalls.

i have to have all the std stuff working, IIS etc..
passive ftp has to work.
secure ftp has to work.
VPN has to work.

which should i ask them to install on my server? What should I include in the ticket? any details?

Thanks

I cant vote, because I wouldnt install just one of them.
Personally I use IPSec on all the remote admin tasks, as far as setting up real strict policies for vpn and rdc access. RRAS I use to filter out known worms, or ports that really dont need to be open.
I cant really say what to say in your ticket. If you are going to have them do admin work, then yes it would need to be detailed. You might even talk to the tech over the phone while hes doing it. To make sure its done properly and to your specs.

I would recommend you use IPSec.

It's is harder to setup and configure, but does a much better job at locking down ports. You can also specify port ranges with IPSec, unlike RRAS.

Once you mess around with IPSec a while, the burden goes away and it becomes second nature to make changes to the configuration.

If you have multiple IPs and you need rules to be different on different IPs, IPSec is the way to go. RRAS might be a bit easier when it comes to setting up FTP rules though but it's doable in IPSec as well. As mentioned above you could use both.

Lunch[box], I wasn't aware you could specify port ranges in IPSec. How do you go about doing that, I've always needed to add each port one by one.

i found ipsec very easy to setup