G
Guest
Guest
Archived from groups: comp.security.firewalls (More info?)
We are setting up a new office network and would like some advise/experience
on firewalls. I have looked at the messages but am still confused
Today we have a single external connection (business cable 2/4) but may want
to expand with a backup. There will be 2-3 externally visible servers with
their own IP and a small LAN - 15 users. We need VPN access (10 licenses)
to the servers for external users. We will probably set up the internal lan
using a "store" router for NAT but could also use the firewalls NAT. We
would like (of course) as much protection as we can get - including
intrusion, VP. The degree of "inspection" on the firewall is important but
it is hard to see around the marketing. I expect to set up some wireless,
but using a separate access point - we will also set up a "guest" wireless
(possibly outside the firewall). We also want to make sure we can still use
applications - FTP, Netmeeting, etc.
It is even hard to tell what these things really cost when you get the
protection packages. I have listed what I THINK they cost. Questions I
have are;
- Stability
- Degree of protection
- Speed
- Expected life/upgrades
- Support for multiple IP addresses and routing
- Real cost
- Complexity to admin (Tech users but no dedicated support)
- Marketplace position
- Support
We are looking at;
Checkpoint Safe@office 225 Comprehensive security $1230 ($180 per year)
-- Or perhaps VPN-1 Edge, seems similar
-- Best "deep inspection"?
-- Market leader?
Juniper NetScreen 5GT Extended $1100
-- Well respected, solid
Fortigate 60 all in one security bundle $800 ($350/year)
-- Fast but may have more limited protection? Hard to upgrade due to
hardware?
-- No user limits
-- Best deal and good rep, But not much of a market leader?
SonicWALL TZ 170 25-Node Comprehensive Gateway Security Bundle $750 (May be
more hidden $)
-- But it looks like VPN clients are $$30/each, so ad $300!
-- Hints of stability problems.
-- Market leader?
Cisco PIX 501
-- Seems to lag the others
We would really appreciate thoughts and experience!
We are setting up a new office network and would like some advise/experience
on firewalls. I have looked at the messages but am still confused
Today we have a single external connection (business cable 2/4) but may want
to expand with a backup. There will be 2-3 externally visible servers with
their own IP and a small LAN - 15 users. We need VPN access (10 licenses)
to the servers for external users. We will probably set up the internal lan
using a "store" router for NAT but could also use the firewalls NAT. We
would like (of course) as much protection as we can get - including
intrusion, VP. The degree of "inspection" on the firewall is important but
it is hard to see around the marketing. I expect to set up some wireless,
but using a separate access point - we will also set up a "guest" wireless
(possibly outside the firewall). We also want to make sure we can still use
applications - FTP, Netmeeting, etc.
It is even hard to tell what these things really cost when you get the
protection packages. I have listed what I THINK they cost. Questions I
have are;
- Stability
- Degree of protection
- Speed
- Expected life/upgrades
- Support for multiple IP addresses and routing
- Real cost
- Complexity to admin (Tech users but no dedicated support)
- Marketplace position
- Support
We are looking at;
Checkpoint Safe@office 225 Comprehensive security $1230 ($180 per year)
-- Or perhaps VPN-1 Edge, seems similar
-- Best "deep inspection"?
-- Market leader?
Juniper NetScreen 5GT Extended $1100
-- Well respected, solid
Fortigate 60 all in one security bundle $800 ($350/year)
-- Fast but may have more limited protection? Hard to upgrade due to
hardware?
-- No user limits
-- Best deal and good rep, But not much of a market leader?
SonicWALL TZ 170 25-Node Comprehensive Gateway Security Bundle $750 (May be
more hidden $)
-- But it looks like VPN clients are $$30/each, so ad $300!
-- Hints of stability problems.
-- Market leader?
Cisco PIX 501
-- Seems to lag the others
We would really appreciate thoughts and experience!