For small company definitely Meraki as Charold suggested. Meraki integrates with SourceFire which is pretty good solution. For bigger companies you need to thing as dedicated box for some services.
Problem of UTM is performance when you enable all enhanced features. Not enough CPU power on...
This is a real BS. Fortinet is good just for the flower stand and nothing more. Just keep the ASA5512X, install 9.3 SW and consider to upgrade to SF (just need a SSD disk upgrade + license for FireSight managment and you are on the horse).
Palo Alto is even worse. Check this...
I would argue this, since SourceFire/Cisco is a market leader by far. Just check the NSS labs for testing the products and you will see that SF is the winner for last 4 years.
I would suggest to you to check the SF solution.
Usually you have FW in place to do the SIP inspection. Behind the FW you should have enterprise CUBE/SBC box which will use SIP trunk authentication with the SP which is providing the SIP trunk. CUBE/SBC is kind of FW for voice traffic.
Some related papers...
Can you ping from VM (VLAN2) to IP Address of VLAN3?
Can you ping between VMs in different VLAN?
You need to find out that VLAN routing is working on Cisco 3550 switch. If this works then you can add Pfsense.
Remove this command "vlan dot1q tag native". You have specified that VLAN1 (native) is also tagged, but ESX does not expect to get tagged traffic for VLAN1, since ESX does not tag VLAN1.
Or change on ESX to tag also VLAN1.
This should solve the problem.
If you want to have serious DC solution that you will think about Nexus 3k or 5k it depends on what kind of features you need. If you need SDN prepared DC network then look at Nexus 9k.
If you will have blade centre think about Cisco UCS. Check UCS you will not be disappointed.
As always the answer is depends. If you need this for Enterprise DC, then you need something like Cisco Nexus5k or maybe Cisco 4500X.
If you need for home usage, then look for Netgear, but do not expect very good performance.
Did you change MTU size on switch. For iSCSI traffic is recommended to change MTU.
Check it with "show system mtu".
On 2k/3k you need to set it for the whole system.
Change it to biggest possible: system mtu jumbo xxxx
What kind of authentication/encryption you are using?
I haven't seen any problems with the linux/mac/windows on wireless network (roaming) using Cisco equipment and using PEAP+AES or EAP/FAST+AES on several networks.
Push Aruba to fix it.