Firewall Recommendations?

Renegade87

Hi Guys,

So I'm considering adding a dedicated Firewall to my network and would appreciate some suggestions.

Here is what my home network currently consists of:

Comcast Arris TM722 Broadband Modem
Netgear WNDR4500 N900 Gigabit WiFi 450/450 Router
2 x Netgear GS108NA 8 Port Gigabit Switches
1 x Netgear WN2500RP Universal WiFi Range Extender
4 PCs running Windows 7 Home Premium
Netgear ReadyNAS NV+
3 x Blu-ray players - Sony & Oppo (2 wired, 1 connected by WiFi)
Sony PS3 (wired)
Onkyo TX-NR905 AVR (wired)
Sony KDL-55HX800 TV (wired)
2 x Vizio E400 Series Smart TVs (1 wired, 1 connected by WiFi through Netgear WN2500RP Range Extender)
HP Photosmart Printer

All wired connections using Cat6 ethernet cabling.

So, I want to set up a Gigabit Firewall between the modem and the router (and just use the router as the wireless access point) but I don't want to take a hit on my bandwidth speed.

I was thinking of the Netgear ProSafe FVS318G for this.

What do you guys think?

Thanks.
 
New here myself but I can share some potential pain in this regard.

You need to be very careful about the firewall you get as to the uninitiated it can be very misleading.

For instance, that Netgear you listed has a LAN->WAN throughput of only 25Mbps, even though it has a Gb LAN and WAN connection. Internal bridge throughput between the two is often not anywhere near normal 'switch' speeds or the speeds found on a regular router.

So, not knowing the actual bandwidth throughput you get now, it can be up in the air as to what to buy specifically, but research is your friend.

On a personal note, I've used Netgear's FVS ProSafe line and am beyond unimpressed. For anyone who may like them, more power to you, but I found the interface terrible, and the capabilities mediocre at best.

(My FVS336Gv2 has terrible VPN issues despite numerous firmware upgrades, and the avg throughput on LAN->WAN is 38-40Mbps; having a 75/35 line makes this ridiculous.)

That being said, I would steer more towards SonicWall, Cisco, or Zyxel. Zyxel is kind of a poor man's SonicWall or Cisco (basically, loose example), but powerful and great throughput (using a USG50 right now). For the price range of that Netgear you listed, you'd be better off with a Zyxel USG20 (little more expensive but much more worth it).

Comparison Throughput:

Netgear FVS318: 25Mbps throughput WAN/LAN - VPN.... lol.
USG 20: 150 (cut this in half for bi-directional so ~75Mbps) and 75 VPN

Hope this helps. Whatever you get, make sure you find out what the throughput is, and if that is actual, bi-directional, or what.
 
Get a Cisco ASA5505 and use that at the edge. Take your existing Netgear router and use it as an AP. For the amount of devices you have that need Internet access you will probably need the 50 user license for the ASA.

This is also how I have my network set up. Comcast 50/10 into ASA, the ASA uplink into my Cisco 2960G switch. My WNDR3700 is now an AP.
 
If you can swing the cost, that's a really nice unit, and robust.

Though if you were to go for the 50 bundle ASA, I'd think about the SA540-K9 over the ASA.

300Mbps throughput vs 150, all gig ports, includes 50 SSL and 100 IPSec seats.. if you're in the $500 range anyway, it could be a better deal in the longer term. (Prices are general consumer pricing..)

A 10 user ASA5505 will be cheaper (~300) if you don't need that many connections and need to save some cash, and at that price range going Cisco or SonicWall you're not really going to get much better/gig without going off name to a Zyxel or the like, that is unless you want Netgear...
 
Guys,


Thanks for the suggestions. Last weekend I had done a search and found the Fortinet Firewalls, but thought they'd be too expensive. Right now I'm liking what I'm seeing out of the Zyxel product line. And the pricing is budget friendly. The Cisco and Dell SonicWALL lines are reasonable too.

Though I'm not a noob as far as building computers goes, this is uncharted territory for me (DUH!). I appreciate your help. Maybe I can pick your brains a bit more as this project progresses?
 
Feel free and glad to be of help. We use SonicWall stuff mostly at work (after the Netgear kept dumping our VPN) and I have the Netgear at home now for random testing. I used to use a lot of Cisco stuff but that has phased with the jobs I've had, but I'm still a bit familiar. The Zyxel is nice, can be a bit quirky, but they can fly throughput-wise.

If you're more concerned about getting better 'support' and possibly higher quality, that Cisco SA540-K9 should be a really nice option. Of course that's budget considering. Zyxel has a pretty large following and there's a lot of forums and helpful people as well, so it's not like a random off brand with no users and no info.

Anyway, feel free to post/PM or whatever, and good luck on the initial purchase :D Throughput is everything! Haha - and if/what kind of VPN support/serving you want..
 
How about build a little PC based solution with pfSense and multiple NICs to be your router/firewall ?
 
I'd go for a TP-Link TL-WDR4900, fast cpu and 3rd party firmware support if you want VPN etc or just use your current Netgear router?
//Danne
 
How about build a little PC based solution with pfSense and multiple NICs to be your router/firewall ?

Yeah, that's not a bad idea either actually.

So in the end it boils down to: can you find something that will physically be able to handle what you want, and how much do you want a 'warranty' and support services?

If that second part isn't super important, a DIY isn't a bad thought.
 