![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Symantec Gateway Security 5400 series...anybody got any info?
- Thread starter El Nacho
- Start date
No doubt that Symantec makes some good software/hardware. However they I feel are relatively new to the appliance scene. I'd rather invest in a SonicWall or Watchguard unit.
I have a sonicwall Pro model in my office with many additional add-on's like anti-virus filtering, IPSec VPN, and View Point managment and reporting software. However if I were to do it over again, I might have gone with a Watchguard unit as the managment and reporting software is built into it.
And as for the "this is going on a fairly large network," comment. What's your idea of large, and what type of internet connection is it? You maybe buying too much hardware, or perhaps too little. If you truley think this is a fairly large network, I'd get a checkpoint firewall over a symantec product....
I have a sonicwall Pro model in my office with many additional add-on's like anti-virus filtering, IPSec VPN, and View Point managment and reporting software. However if I were to do it over again, I might have gone with a Watchguard unit as the managment and reporting software is built into it.
And as for the "this is going on a fairly large network," comment. What's your idea of large, and what type of internet connection is it? You maybe buying too much hardware, or perhaps too little. If you truley think this is a fairly large network, I'd get a checkpoint firewall over a symantec product....
This is for my work. Im the co op so they are making me do the research. In the states, we have over 60 servers plus lord knows how many terminals and fat clients. This isnt for that though. This is going between out network and our overseas office's (they are pretty much on a direct connection). We are pretty much looking for something to manage the connection, keep virus' from comeing over from them, and a few other things. One think i know they wanted to know was how they handle the updates (ie: are they automatic). I am supposed to write up some info on this and others like it so they can choose which is better, and im a little lost. Thanks for the help.
EDIT: I just asked him what is more need, or what wont be used. I've been told we are not going to use VPN. The only things we will be really using this for is a firewall and antivirus scanning. He (the boss), wants the av defs to updated automaticly. Can any of these do that?
EDIT: The connection will be a dedicated 128 line.
EDIT: I just asked him what is more need, or what wont be used. I've been told we are not going to use VPN. The only things we will be really using this for is a firewall and antivirus scanning. He (the boss), wants the av defs to updated automaticly. Can any of these do that?
EDIT: The connection will be a dedicated 128 line.
We've been using Symantec FW and appliances for the past couple of years and they run well. We are thinking about upgrading to the 5420 and 5460 but with Firewall only ( none of the other stuff)
I would highly recommend you meeting with your symantec rep to get better details.
I think for a 128K line, its definitely overkill.
I wouldn't recommend using the built-in antivirus for your primary antivirus. If you are downloading big files/attachments, it can impact your fw performance. Also, the antivirus filtering only applies for http, ftp, and smtp.
Also, the liveupdate feature is nice, but i stand by the fact that i don't ever want anything automatically updated on my firewalls. Ever.
Also, the sgs is an application layer fw. It has some packetfiltering capabilities, but it is a nightmare when trying to set your ruleset and then setting another rule on your packet filter rules. I was hoping that changed it from the way it used to be on the SEF and Velociraptors, but it works the same in SGS.
Your requirements don't sound complex, so i think you might be better off with a simpler packetfiltering fw. (like a pix/netscree, bsd/linux fw, or sofaware(checkpoint)
I would highly recommend you meeting with your symantec rep to get better details.
I think for a 128K line, its definitely overkill.
I wouldn't recommend using the built-in antivirus for your primary antivirus. If you are downloading big files/attachments, it can impact your fw performance. Also, the antivirus filtering only applies for http, ftp, and smtp.
Also, the liveupdate feature is nice, but i stand by the fact that i don't ever want anything automatically updated on my firewalls. Ever.
Also, the sgs is an application layer fw. It has some packetfiltering capabilities, but it is a nightmare when trying to set your ruleset and then setting another rule on your packet filter rules. I was hoping that changed it from the way it used to be on the SEF and Velociraptors, but it works the same in SGS.
Your requirements don't sound complex, so i think you might be better off with a simpler packetfiltering fw. (like a pix/netscree, bsd/linux fw, or sofaware(checkpoint)
I could be wrong on a few things, so lets assume this isnt over kill for what they want....(I will tell him my opinion though). For the firewall and AV part...do they work well? One guy allready has to manage just about all the servers, so the he wants to be able to set this up, and forget about it for the most part. Can you think of any place besides symantic's website that has good info on this? What other appliances would be in the same catagory as this?
I guess if this is overkill, what would you recommend? How fast would the line have to be for it not to be overkill?
EDIT: What about the watchdog v60l?
I guess if this is overkill, what would you recommend? How fast would the line have to be for it not to be overkill?
EDIT: What about the watchdog v60l?
A SonicWall Pro 100 with the Antivirus option would be a good start. You only need to buy the 5 user version and not install it on any machines. The firewall wil update itself and block any file extension you want.
The Watchguard V class does not have an antivirus option.
A 128kb line is cake, and a wimpy Linksys SOHO router could do that with ease.
The Watchguard V class does not have an antivirus option.
A 128kb line is cake, and a wimpy Linksys SOHO router could do that with ease.
maybe I'm wrong on the line speed. I dont know why that number sticks in my head. How fast would the line be to warrent the hardware he is looking at? Is there any other reason he might be looking at the symantic if he isnt going to us vpn? or is there something cool that it does that im missing. I allmost wonder if he is looking at is because its by symantic. He doesnt seem to like knew things...and the price doesnt really seem to bother him.
EDIT: THanks for all you help...
EDIT: THanks for all you help...
If we are not including VPN as that has tremendous overhead in the encryption process, and no anti-virus features. The Symantec unit could possibly handle an OC3 connection.
Once we throw in anti-virus scanning and other real time filtering like application layer filtering, then expect that number to drop significantly. How much, is up to you and what services you want to run. Realistically a T3 should be easily handled with this unit.
Once we throw in anti-virus scanning and other real time filtering like application layer filtering, then expect that number to drop significantly. How much, is up to you and what services you want to run. Realistically a T3 should be easily handled with this unit.
Thanks for the help. This is probally one of the hardest things ive had to research, mostly because I dont know anything about it. I've got to believe that if he has no problem dropping that Kind of money then there is somthing in the symantic that he wants. Im looking at the sonicwall stuff now. Is there any good place to go and get an unbias opinion on this stuff? Or is there any other info i could give you that woud help you help me(if that makes sence)?
EDIT: What other ones have the option for av? and if you know know are they automatic (updates and all)?
EDIT2: Talked to him again. I think he is pretty set on the symantic one (doesnt want to use mcaffee). The other think im looking for is how the licensing works.
EDIT: What other ones have the option for av? and if you know know are they automatic (updates and all)?
EDIT2: Talked to him again. I think he is pretty set on the symantic one (doesnt want to use mcaffee). The other think im looking for is how the licensing works.
I would make sure you have setup a corporate account at Insight or CDW. They have amazing resources avaliable to help sales. I've talked to reps at MS, Symantec, SonicWall, HP Storage, Qualstar, Iomega, Snap Storage, and more. All in finding whats the ideal solution to my company's need. On top of that, with the reps I've talked to, they are so eager to get the sale, they will get you free techsupport a lot of times through one of their own technical support staff. I use Insight BTW, CDW didn't want my money. But I've had good luck with them in the past