Need a new firewall/router for a medium sized office

D

digicat

Limp Gawd
Joined
Aug 13, 2004
Messages
184
I'm looking into getting a Sonicwall device (or something comparable), but am not sure which one to get. I've got an office with around 20 computers and an Exchange server.

Any recommendations in the <$1200 range?
 
Before you listen to these clowns who spew out "Cisco ASA" every time someone asks a about a firewall, why don't you give us some info on your needs.. like:

-Throughput needed
-Will you be terminating vpn sessions on it?
-Do you need a UTM or just a Firewall/Router
-What is your WAN link & LAN ?
 
green91 said:
Before you listen to these clowns who spew out "Cisco ASA" every time someone asks a about a firewall, why don't you give us some info on your needs.. like:

-Throughput needed
-Will you be terminating vpn sessions on it?
-Do you need a UTM or just a Firewall/Router
-What is your WAN link & LAN ?
Click to expand...

oh you getting sick of hearing cisco ASA every thread too ? fuck the asa units..
 
Yes it's very tiring. This forum loves to tell everyone in the world to use a Cisco ASA and Ubiquiti Unifi for everything.
 
Well there is a reason for that.

Cisco ASAs work well. And what was that saying "No one was ever fired for buying Cisco." Although whomever said that never used one of their RV series routers, what pieces of crap those are.

My issue with Cisco is paying the Cisco tax. I'd rather get the most for my money no matter who sell it.

Ubiquiti Unifi's have the features of a $600 AP at a $89 price. And for most users they work far better than what they had previously installed.


Ubiquiti Unifi units are not without flaws either. The java console is a no-go for many users too. Ubiquity is considering making a add on that will run the Unifi console on their $100 Edgerouters. When that arrives, consider the low end edgerouter a reconfigurable $100 AP controller.
 
Mackintire said:
**snip**
Ubiquiti Unifi units are not without flaws either. The java console is a no-go for many users too. Ubiquity is considering making a add on that will run the Unifi console on their $100 Edgerouters. When that arrives, consider the low end edgerouter a reconfigurable $100 AP controller.
Click to expand...

Hadn't seen that yet. Interesting. Could be paving the path for seemless roaming...

Back to the OP's question, Green91 does have a point. We really so need more information as tothe specific features, required throughput based on features, budget,etc.
 
Mackintire said:
Well there is a reason for that.

Cisco ASAs work well. And what was that saying "No one was ever fired for buying Cisco." Although whomever said that never used one of their RV series routers, what pieces of crap those are.

My issue with Cisco is paying the Cisco tax. I'd rather get the most for my money no matter who sell it.

Ubiquiti Unifi's have the features of a $600 AP at a $89 price. And for most users they work far better than what they had previously installed.


Ubiquiti Unifi units are not without flaws either. The java console is a no-go for many users too. Ubiquity is considering making a add on that will run the Unifi console on their $100 Edgerouters. When that arrives, consider the low end edgerouter a reconfigurable $100 AP controller.
Click to expand...


Cisco does generally make great stuff. However, they are almost never the best buy for a situation as there is almost always something else that does the job as ewll/better that costs less. they are almost alway the high bid on any big project getting slayed by hp, juniper, and brocade cost wise


the unifis biggest shortcoming is advertising 300mbps of throughput on a device with a 10/100 uplink :p

then its the java issues with the controller software :p

the asa's cost more than most comparables, but every device in those areas has shortcomings, (and of course on top of more $$ up front, smartnet isnt cheap, at all)

that being said I have deployed ASA's before


Nate7311 said:
Hadn't seen that yet. Interesting. Could be paving the path for seemless roaming...

Back to the OP's question, Green91 does have a point. We really so need more information as tothe specific features, required throughput based on features, budget,etc.
Click to expand...

yup. who knows what he needs or what fits best at this point
 
The network is connected to a T1.

The present device is a Sonicwall SOHO3, apparently purchased in 2003, which has 1to1 NAT set up.

So, I'm looking for something to provide both UTM and some routing.
 
Zyxel USG100 or higher. Full UTM features, almost every type of VPN capability, and reasonable pricing.
 
Take a look at a small Fortigate unit. Their UTM is very strong, great application control and of course routing. They do have a renewable cost for updating application, ips, AV, etc signatures, but it should be pretty reasonable on a small unit. They also support point-point VPN, VPN clients, NAC, bandwidth throttling, HA clustering, etc. I manage several of these units. Fortunately for you.. a T1 is so slow pretty much any UTM these days will handle it without breaking a sweat.

For example:
http://www.avfirewalls.com/FortiGate-60C.asp
 
Zyxel USG 100-300 or Fortigate will work if you need or want Layer 3 abilities.

The fortigate has more features and will probably cost more.

You can use a better sonicwall unit like a TZ215 but you may max its capacities depending on your expected future growth. The NSA2400 is the next real step up, but the support costs will be much higher.


For the Zyxel units I'd consider (plan for) what you believe is your future internet connectivity. The USG 100 is going to limit you to about 30Mbps with all the UTM features on. The USG 200 is going to be closer to 45Mbps.

Turn the UTM features off and the USG 100 can easily move 100Mbps WAN to LAN

Since you have T1 it won't matter, but its good to be considering your future plans.
 
You must log in or register to reply here.
Back
Top