Anyone played with Astaro Red?

I saw these the other day while surfing their site. It looks cool. Be interesting to see how well it works
 
Yeah, I might use this for a non-profit client of mine, they have 5x small satellite offices...just 1-2 computers at each satellite, about 35 at the main. I wanted to get Untangle in there...but the satellites are kinda small and some of them are tight space-wise (branch offices at 2x courthouses, 1x at a police station in a small rooom). Current WAN is done using Linksys RV0s.....but I'd like some UTM protection..and having a full extra PC for Untangle at each branch office is difficult.

I like these...and the Red boxes are tiny..like a normal little home grade router.
Only thing I'm not crazy about...it's not split tunneling, all internet traffic from the branch office gets fed through the VPN pipe to go out the main UTM at mothership. It's good in one way...yet, 3 of the satellite offices have smaller DSL connections...6/768...so the pipe might get a little full. 15/2 cable at mothership, 7/1 cable at the 1 larger branch.
 
Can they justify using some sort of super micro sff server? I know it might me a little harder price wise, but size wise.... Might be easy.
 
Disclaimer- I work for Astaro. No sales pitch, though- just a little info.

I've been using RED since early betas, I really like them for their intended purpose, remote office connectivity to an Astaro-managed central office.

If anyone want to ask questions or see a demo, send me a PM (rather than clog the forums) and I'll be glad to answer.

Jack
 
I thought the RED boxes looked interesting, too. Have not had a chance to sell them yet, though. Might have to take another look at a few of these since Cisco can't get their shit together and ship ASA firewalls.....
 
If there is no split tunneling that truly puts it at a handicap. I would have been very interested in it for our remote office when we move.
 
ciggwin said:
If there is no split tunneling that truly puts it at a handicap. I would have been very interested in it for our remote office when we move.
Click to expand...

Yeah that's what I'm trying to decide. This particular client I'm thinking about it for....they need all their VPN tunnel to run this clumsy access based application. Internet traffic shooting through the VPN tunnel will take up some lanes of the highway..leaving less for the app. However...this client has satellites with just 1-2 PCs. So it may not be much of an issue. Benefit from this....the red box for the satellites is tiny...the size of your typical stinksys home router.

If it did split tunneling...being a UTM box, it would have to be a beefier box....and now we're back at pricey and large box at each branch.
 
Not really about RED but did you see that Astaro has released Security Gateway Essential Edition that is FREE for business use now? No UTM features but you get the firewall and VPN and central management from Command Center for free. Hell, that's a fantastic deal right there....

http://www.astaro.com/landingpages/en-worldwide-essential-firewall
What Can the Essential Firewall Edition Do for My Business?
The Essential Firewall edition provides protection for unlimited IP addresses and the following features without any time limitations:

Networking: Internet Router, Bridging, DNS server & proxy, DynDNS, DHCP server & relay, NTP support, automatic QoS
Network Security: Stateful Packet Inspection Firewall & Network Address translation (DNAT/SNAT/Masquerading)
Remote Access: PPTP and L2TP over IPSec support (including iPhone support)
Logging/Reporting: Full logging on local hard drive, searching, real-time reports for hardware, network usage and network security, daily executive reports
Management: Web-based GUI in local languages, setup wizard, configuration backup & restore, administrator notifications, SNMP support, centralized management via Astaro Command Center (also free of charge)
Click to expand...
 
Would you see any advantage to that, over say..pfsense or m0n0 or smoothie?
My take...if I'm going to do something custom like this....I want UTM...aka Untangle..or in this case...pondering Untangle. I've seen the benefits of UTM so much....
 
Well, advantages for me are I like the GUI a TON better than pfSense or m0n0wal or SmoothWall. Also, Command Center for multiple sites is nice. SSL VPN and IPSec VPN that just work, even with the Cisco VPN client, that's a huge plus. Also, you can use the box for internal DNS, DHCP and NTP server. I guess I'm just a big fan of the Astaro boxes in general. I think it would be a great general purpose firewall for people that don't want to pay for Cisco, SonicWall, etc and want a name with support behind it. The Astaro Community is fairly large and supportive, you can also call tech support, which you can't do with pfSense the last time I checked...

I agree that the lack of UTM features is disappointing but you can always add that for a nominal fee down the road . . . .
 
"So what did you do today Cat?"

"Ohh....the wife went out to yard sales with her friend...I wanted to work on my boat...but no....no...I had to go download Astaro, burn it, and install it on an old P4 3 h/t hulk I had. So yeah I'm running from it now!"

One of my older gaming rigs I had retired....P4 3.0 h/t, 2 gigs of RAM, Asus P4C800, onboard Intel giga, couple of PCI NICs in there..3COM 905b and a Netgear FA311 or something..using the Netgear for my green NIC.

I blame the Captain for getting me to spend my day inside. :D

Gotta get used to this different approach to QoS. Smooth web admin....I don't remember it being this slick many years ago when I tried it.
 
oh, sure . . . blame ME for YOU being an extreme indoor enthusiast . . . sheesh . . .

Anwyay, yeah, the QoS is different than Untangle and pfSense but it works fantastic once you get it setup right. Also, make sure you tweak the packet filter or otherwise all traffic except http/s, IM, VoIP will be dropped on its way out the tube. I usually just allow everything out since my son is always finding some new online game or something to play and I got sick of getting calls from my wife saying the internets were broken.
Posted via [H] Mobile Device
 
Captain Colonoscopy said:
. Also, make sure you tweak the packet filter or otherwise all traffic except http/s, IM, VoIP will be dropped on its way out the tube. I usually just allow everything out since my son is always finding some new online game or something to play and I got sick of getting calls from my wife saying the internets were broken.]
Click to expand...

Yeah that's the first main tweak I did...."allow all out from internal"...else the boy would have whining that his games wouldn't play online, some of wifes real estate stuff wouldn't have been wonky, etc etc. Instantly brought back memories of when I ran Microsoft ISA at home for a while.

It's really matured since I last tried it a long time ago.
 
We're actually testing one in our office for our green network next week. If we like it we're going to start pushing them out to customers as early as middle of June.
 
Well downloading to play with now :D
Maybe it'll end up replacing my PfSense box, but I have to say they've got one slow ass website.
 
downloaded their esx appliance an hour or so ago. will load it up tomorrow and play around. might replace pfsense with it we will see.
 
Nice to see more peeps checking out this UTM appliance. It really is one of the best out there, IMO. It does require some tweaking to get it setup right, but once that's done it pretty much takes care of itself in my experience. I only wish the business versions weren't so expensive, I might actually be able to sell more of them instead of barfaccuda....
 
calvinj said:
is barracuda a far comparison? They don't have an all in one UTM appliance. To even get the perks of something like astaro you would have to mix a few of their products.
Click to expand...

See that's the thing though. A lot of my clients already have a Cisco firewall right. So, they decide they want anti-spam and content filtering. Half the time buying two Barfaccudas ends up being cheaper than an ASG. Sad really.
 
So I played with the online demos of Astaro and it seems to be very robust.

I just wonder about the subscription pricing. Most of the reviews I read mentioned how great the product is but that their biggest downside is cost.
 
Is this any better than pfSense if you don't need any UTM functionality? (eg. no need to block websites, online chat, etc)
 
The subject of my post here was the "Astaro Red" product..which is a specific light WAN product....not the whole Astaro line.

Having been a longtime user and fan of PFSense....and having used Astaro at home for a few days now, I don't see the logic of using Astaro if you're going to disable the UTM features. I suppose you could leave some features off..and use some of the barebones features. Astaro would compete again other UTM distros like Endian and Untangle.

That being said, it's a very matured product, I find it to be a solid product to go head to head against Untangle, with each having its strengths and weaknesses. I actually like Astaros reporting better...from the dashboard point of view. However, the UTM version of Astaro is not free for businesses to use..unlike Untangle, and I think Untangles prices for pay for packages still beats it. I'd lean on Untangles AV and Spyware protection to be better. Yet Astaro has more VPN options.

QoS wise...I'm still trying to adjust to Astaros QoS features....from experience of using it over the past several days I find PFSense works better in this department. Granted I'm still learning and tweaking, but so far I cannot give myself as smooth of an experience with my online games while others in this house are busy online.
 
Just got shipping confirmation, mine gets here Friday, so I rescheduled all my appointments so I could play :p
 
The feature that I want the most from Astaro Red is the capability to send an unconfigured router to one of my restaurants that they just swap out and read off the serial number. That alone would be worth it to me.
 
You must log in or register to reply here.
Back
Top