Re: Firewall Appliance Suggestions

[Suresh Rajagopalan <sraja97 () gmail com>]

Linux + iptables + fwbuilder



On Thu, Jun 30, 2011 at 8:50 AM, Blake T. Pfankuch <blake () pfankuch me> wrote:
> Howdy,
>                I am looking for something a little unique in a bit of a tough situation with some sticky 
> requirements.  First off, my requirements are a little weird and I can't bend them a whole lot due to stipulations 
> being put on me.  I am in need a firewall appliance which can be run on VMware vSphere, with IPSEC support for 
> multiple Phase 2 negotiations within a single Phase 1.  I am also in need of something that can support VLAN 
> interfaces on the LAN side, and ideally something with multi zoning so I can keep LAN side networks separate from 
> each without ridiculous firewall rules.  Meaning build a zone for "Customer network 1" and it displays separately 
> (ease of management and firewall config hopefully).  I need a minimum of 10 "zones" on LAN side (/29 or /30), and NAT 
> support for LAN to WAN (to dedicate all outbound connections to a single IP from a specific zone), ideally something 
> extremely scalable (100-200 zones).  And here is the super fun part!  I need something that is going to be web 
> managed primarily as minions will be doing most of the day to day maintenance, or very simple CLI config.  Willing to 
> pay for something if need be, but looking for something that can easily handly 50-100mbit of throughput.
>
> Any Ideas?
>
> Thanks!
>
> Blake Pfankuch