New gear for home

Discussion in 'Networking & Security' started by Motley, Feb 27, 2019.

  1. Motley

    Motley 2[H]4U

    Messages:
    2,446
    Joined:
    Mar 29, 2005
    Yo wassup my fellow hardcore networking experts.

    I just had a bad experience with Unifi USG, AP Pro, and US-8 switch. Purchased all brand new, and now I am returning to newegg for refund. Don't ask for details. Lets just say I spent 4-5 hours of fighting with this gear, endless amounts of problems.

    So now I am searching for an alternative, and I will spend more for better network equipment.

    Requirements are: fasted AP with PoE 5G, High quality firewall with high throughput, my concern is when having IPS enabled I don't want it to slow down my 450mb internet. And a managed 8-10 port managed L2 switch with PoE port for the AP.

    Budget is around $700-900.

    I was thinking of Sonicwall TZ300, Cisco AP WP-581, and NETGEAR 8 Port Gigabit Ethernet 62W PoE

    Let me know what y'all think...
     
  2. Machupo

    Machupo Gravity Tester

    Messages:
    4,836
    Joined:
    Nov 14, 2004
    Describing your problems and attempted solutions would have the benefit of telling folks what kind of gear / level of config you are comfortable with (that way they could recommend a more appropriate solution).
     
  3. IdiotInCharge

    IdiotInCharge [H]ardForum Junkie

    Messages:
    9,867
    Joined:
    Jun 13, 2003
    You can use any switch, you'll probably want to use a Unifi AP regardless, but to hit that IPS mark you'll probably want to build your own router using pfSense and some x86 hardware. That Sonicwall is only rated for 300Mbps IPS.
     
  4. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,405
    Joined:
    Oct 4, 2007
    Not to mention Sonicwall is a pretty abysmal product.

    Build your own pfSense for sure.

    However, I have no idea what your expectations are for ease of setup. It sounds to me like you're looking for prosumer gear, but don't have the technical abilities to work with that kind of gear.
     
    FNtastic likes this.
  5. Motley

    Motley 2[H]4U

    Messages:
    2,446
    Joined:
    Mar 29, 2005
    My level of network knowledge is CCNP level, my job is a network engineer. What's wrong with Sonicwall? never heard anything bad about them, and a few years ago had a job managing a pair of sonicwalls and thought they were fine.

    My old gear this is replacing is Cisco ASA 5505, Netgear Nighthawk X6 in AP mode only, and an old as hell Cisco 2950 (Other obligations in life have prevented me from having a solid home network).

    I am not interested in building pfsense box.

    Ok how about the Sonicwall TZ400 rated for 900mbs IPS. It has PoE ports, so I can save some money not buying a switch.
     
  6. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,405
    Joined:
    Oct 4, 2007
    You're going to spend far more than that for any of these solutions. A TZ400 is going to be over $1k with a subscription which will be required for firmware updates and support. For the money you are so much better off with a Fortigate like a 50E or 60E. You're still into the $1k+ range, though.
     
    hawk82 and FNtastic like this.
  7. Motley

    Motley 2[H]4U

    Messages:
    2,446
    Joined:
    Mar 29, 2005
    I am at $903 for the TZ400 w/no support and Cisco AP on Amazon. I can always add the support later.
    https://www.amazon.com/gp/product/B00WH4A0X4/ref=ox_sc_act_title_1?smid=A28MVVDMV1B5DM&psc=1
     
  8. IdiotInCharge

    IdiotInCharge [H]ardForum Junkie

    Messages:
    9,867
    Joined:
    Jun 13, 2003
    Biggest issue is that it's at the limits of its hardware at 900Mbps IPS and far slower for other functions- and that's if you're willing to keep up the support subscriptions that are going to wind up costing more than the meager hardware versus a beefy custom pfSense box.

    I won't comment on the difference in real functionality and realized level of protection. The Sonicwall may well be superior; of course, you can pay Netgate the same as Dell (I think?) for the same level of support if you need that.
     
    FNtastic likes this.
  9. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,405
    Joined:
    Oct 4, 2007
    Flat out, for me - there's no way in hell would I pay $650 for that, and even then you aren't entitled to any security features at all since that is the SKU for the hardware only. If I was in the market and I had the budget to actually buy a business-grade firewall it would be Palo Alto first and Fortinet second.

    Edit: My response probably came across a bit aggressive, and it wasn't my intention. Apologies.
     
    Last edited: Feb 28, 2019
    FNtastic likes this.
  10. boss6021

    boss6021 Limp Gawd

    Messages:
    337
    Joined:
    Oct 11, 2006
    Personal preferences aside, if you are comfortable with the Sonicwall products, they will serve you well. They have some decent competitive upgrade options that make them hard to ignore on pricing.

    A TZ400 would work well for you if you aren't enabling all security services. A pfSense box may be all you need though. It will be very basic in comparison to what Sonicwall has to offer security wise, but may fit the bill for home use.

    Let me know if you need any assistance, and myself or any of the other helpful members here would be happy to assist.
     
    Cmustang87 likes this.
  11. Motley

    Motley 2[H]4U

    Messages:
    2,446
    Joined:
    Mar 29, 2005
    Thanks everyone for all the feedback. I decided to just go with the TZ400 and the Cisco AP ac wave 2. Will be ordering tomorrow. Can't wait to start playing with this.
     
    Last edited: Feb 28, 2019
  12. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,405
    Joined:
    Oct 4, 2007
    Which AP did you go with? Is it one with Mobility Express instead of CAPWAP?
     
  13. Motley

    Motley 2[H]4U

    Messages:
    2,446
    Joined:
    Mar 29, 2005
  14. Motley

    Motley 2[H]4U

    Messages:
    2,446
    Joined:
    Mar 29, 2005
    Well I got everything setup. And I must say the Sonicwall and Cisco AP are outstanding. I'm still playing around with things, VLANS, rules, etc. I'm getting my full 480mb download speed with IPS turned on. And all my laptops are getting 900mb for wireless.
     
    Last edited: Mar 10, 2019
  15. Motley

    Motley 2[H]4U

    Messages:
    2,446
    Joined:
    Mar 29, 2005
    Here's my new stuff. I haven't purchased the Sonicwall license and support yet, will probably get the advanced security suite in a couple weeks. But I was able to download and update to the newest firmware.



    V-WX22S_ecYZbdVOyZR9uowF04hsZFx5Eb4FBvOkpBjP594vjLOZJDSywxOclvaScPy3cpl6A5haT0yVSs=w1227-h920-no.jpg

    0qU-ZtJnZAHOso7KeHoeQg4yUXGuoAzxcRuHa1t1fqGShmEC3Vy5B39_5MYQPhUbbnck593dxfWSO8Th4Q=w1227-h920-no.jpg
     
    boss6021 and FNtastic like this.
  16. FNtastic

    FNtastic [H]ard|Gawd

    Messages:
    1,347
    Joined:
    Jul 6, 2013
    Looks good. Here's a ubiquiti AP LITE I installed recently. Popcorn ceiling as well :D
    IMG_20190214_174240.jpg
     
    /dev/null and Motley like this.
  17. Motley

    Motley 2[H]4U

    Messages:
    2,446
    Joined:
    Mar 29, 2005
    Very nice! ..and here I thought I was the only last one with popcorn ceilings. lol
     
    FNtastic likes this.