Educause Security Discussion mailing list archives
Re: Firewall/VPN/IDS/IPS security appliances - any recommendations?
From: Mark Rogowski <m.rogowski () UWINNIPEG CA>
Date: Fri, 26 May 2006 09:18:01 -0500
We have a FortiGate 400A running in transparent mode behind an aging PIX cleaning the junk that comes through the Internet connection (30Mbps). CPU utilization never goes above 5%. If I had my way the PIX would be gone. FortiGate works real well as IDS/IPS. The traffic shaping is a bit weak, but I'm comparing that to Packeteer. If you don't need too heavy of shaping it should work ok for you. Make sure to look at the FortiAnalyzer as well. Its great for dredging log input from the FortiGate and from what I can tell, will accept info from other systems too. I just received ours so I'm a bit weak on the features. Mark Rogowski IT Security Technology Solutions Centre University of Winnipeg Ph: (204) 786-9034
David () BVU EDU 05/25/06 11:34 PM >>>
We're looking at the Fortigate 500A for our environment, and it appears to be a good fit. Does anyone have any experience with these or similar alternatives? I'd appreciate not getting any replies from vendors who might monitor this group. We currently have a 20Mbit WAN connection and are planning for the possibility of having 90-100Mbps in 3-5 years, and we'd like the appliance to have the capacity to handle that increase. We would put the device at our perimeter. We're looking primarily for firewall, traffic shaping, HTTP/FTP/IM virus scanning, blocking of phishing sites, and IDS/IPS. Being able to function as a router would be a plus. Your feedback and suggestions are appreciated. David Boyer Buena Vista University
Current thread:
- Re: Firewall/VPN/IDS/IPS security appliances - any recommendations? Justin Dover (May 25)
- <Possible follow-ups>
- Re: Firewall/VPN/IDS/IPS security appliances - any recommendations? Mark Rogowski (May 26)