Your Firewall Thoughts Please...

eMeSeMeS Member Posts: 1,875 ■■■■■■■■■□
in Off-Topic
I'm considering purchasing one of these:

FVS336G - Dual WAN Gigabit SSL VPN Firewall

...and would appreciate anyone's thoughts about this product or specific experience with it...

I'm really not looking for the "Netgear is crap" without supporting evidence responses...but I am open to alternative suggestions that meet my requirements.

This is not for home use. The requirements that I have are the following:

I have 3 very customized rack-mounted servers. The primary purpose of these servers is to host a number of IBM WebSphere products in both a sandbox for consultants/developers to use to test products and gain experience. Additionally, one of the servers is dedicated to providing demo capabilities for sales people. The people that use these things require secure access from anywhere. This setup is not only used remotely, it is used locally as well. The total peak user count is 10.

I'm interested to hear anyone's thoughts. I do not require the dual WAN ports that the Netgear product has, but I do need the 4 10/100/1000 LAN ports. I could even use more LAN ports if I could find something that meets all of my needs. If anyone has any other products in mind that they think will meet my requirements, please let me know what they are. From a standpoint of cost, ideally I would like to spend less than $500. I am open to new and gently used equipment.

Thanks,

MS
· Share on FacebookShare on Twitter

Comments

  • phantasmphantasm Member Posts: 995
    I would got with one of these: Newegg.com - CISCO ASA5505-BUN-K9 10000 Simultaneous Sessions Firewall throughput: Up to 150 Mbps 3DES/AES VPN throughput: Up to 100 Mbps Cisco ASA 5505 10-User Bundle - Firewalls

    My 871w had CBAC configured but it was choking the bandwidth from 7MB down to 500k down. I'm now looking for other solutions.
    "No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus
    · Share on FacebookShare on Twitter
  • eMeSeMeS Member Posts: 1,875 ■■■■■■■■■□
    phantasm wrote: »
    I would got with one of these: Newegg.com - CISCO ASA5505-BUN-K9 10000 Simultaneous Sessions Firewall throughput: Up to 150 Mbps
    3DES/AES VPN throughput: Up to 100 Mbps Cisco ASA 5505 10-User Bundle - Firewalls

    My 871w had CBAC configured but it was choking the bandwidth from 7MB down to 500k down. I'm now looking for other solutions.

    Thanks...I saw this one on Newegg as well...I think what has me looking away from this one is the 100M local ports....however, I do like that there are more ports available. This would be definitely useful because each of these servers has two network connections.

    MS
    · Share on FacebookShare on Twitter
  • shednikshednik Member Posts: 2,005
    eMeS wrote: »
    Thanks...I saw this one on Newegg as well...I think what has me looking away from this one is the 100M local ports....however, I do like that there are more ports available. This would be definitely useful because each of these servers has two network connections.

    MS

    I would pick the ASA over the netgear in a heartbeat there are a lot of cool things you can do with them!!
    · Share on FacebookShare on Twitter
  • tierstentiersten Member Posts: 4,505
    I've not had experience with that specific model but we picked up an older Netgear firewall box for a remote office and just had never ending issues with it. It would randomly crash every so often and block all traffic. We thought maybe it was a hardware fault and sent it back. The new one was just as bad.

    In the end with replaced it with a little Juniper box instead and its been working great ever since.
    · Share on FacebookShare on Twitter
  • eMeSeMeS Member Posts: 1,875 ■■■■■■■■■□
    tiersten wrote: »
    In the end with replaced it with a little Juniper box instead and its been working great ever since.

    Which Juniper box?
    · Share on FacebookShare on Twitter
  • tierstentiersten Member Posts: 4,505
    eMeS wrote: »
    Which Juniper box?
    It is a SSG-20. Only problem for you is that it doesn't have any gigabit ports. Our main site uses ASAs.
    · Share on FacebookShare on Twitter
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    I would consider the Cisco ASA 5505 mentioned previously, the Juniper SSG-5, the FortiGate 50, 60 or 100 series. I would lean to the later due to FortiGate having both integrated SSL VPN (Cisco has too, but it gets expensive fast to add licenses) and UTM (Juniper has).

    I would just purchase a stand-alone switch if you require gigabit switching between the servers (but ask yourself if you really do).

    So I guess my vote is probably for a FortiGate-50B or -60B. You decide if you want to get the UTM features (annual subscription)... but I'd be happy with either of the others too if I were you. ;)
    twitter: @astorrs
    profile: linkedin.com/in/astorrs
    · Share on FacebookShare on Twitter
  • RTmarcRTmarc Member Posts: 1,082 ■■■□□□□□□□
    astorrs wrote: »
    I would consider the Cisco ASA 5505 mentioned previously, the Juniper SSG-5, the FortiGate 50, 60 or 100 series. I would lean to the later due to FortiGate having both integrated SSL VPN (Cisco has too, but it gets expensive fast to add licenses) and UTM (Juniper has).

    I would just purchase a stand-alone switch if you require gigabit switching between the servers (but ask yourself if you really do).

    So I guess my vote is probably for a FortiGate-50B or -60B. You decide if you want to get the UTM features (annual subscription)... but I'd be happy with either of the others too if I were you. ;)


    I agree with the FortiGate call but I'm a FortiNet fanboy;
    · Share on FacebookShare on Twitter
Sign In or Register to comment.