Firewall Wizards mailing list archives
Recommendation needed for a firewall appliance
From: "Christopher L. Everett" <ceverett () ceverett com>
Date: Fri, 17 Oct 2003 15:51:47 -0500
Hi, I'm a web programm/system admin for a small company in the medical advertising space. We operate on a pretty low budget, but I can get anything I can demonstrate a need for, within reason. In this case, within reason is $500 or less. So, even though we're 6 fulltime and a few parttime employees large, we've outgrown our Linksys BEFVP41 firewall box, because for the life of me I can't make the VPN work, and we could use lots more bandwith to administrate our servers directly on the Internet. Id set up a Linux based Firewall/VPN server, but I just don't have the time to mess with setting up such a box from scratch; the last time I played with FreeSWAN a little over a year ago I was unsuccessful in getting an IPSec VPN going with a Win2K box despite following detailed instructions verbatim. After looking around and seeing what's happening in the firewall appliance market, and thinking about what I'd like to be able to do, I've come up with these requirements: 1) > 50 Mbps LAN-to-WAN throughput (needs a 10/100 WAN port) 2) a 10/100 DMZ port 3) enough VPN speed for 3 to 5 broadband users, 10Mbps or more 4) client to VPN connectivity without needing special software, for Windows, OSX and Linux. 5) maker has a good record on security & releasing patches 6) The firewall/VPN runs in hardware as much as possible. As far as new, currently manufactured equipment that looks good to my inexperienced eye are: 1) Netgear FVL328 2) Hotbrick 600/2 The Symantec 200R and Sonicwall stuff seems to need special VPN software so that's out. But I've also been checking out used equipment on Ebay hoping toget lucky and stretch our budget into something a little more deluxe such as an older Nokia (IP440?) or Watchguard box. One thing that I don't understand are the licensing issues with used Nokia boxes: do the Checkpoint licenses travel with the box or will I have to buy new licenses? Another thing I'd like to know about are the risks involved in running an older, possibly unsupported firewall/VPN box: is it riskier than just running straight NAT access? Are there some of these older boxes I should stay away from? _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Recommendation needed for a firewall appliance Christopher L. Everett (Oct 20)
- Re: Recommendation needed for a firewall appliance Mark Tinberg (Oct 22)
- Re: Recommendation needed for a firewall appliance Christopher L. Everett (Oct 22)
- Re: Recommendation needed for a firewall appliance Julian Gomez (Oct 22)
- Re: Recommendation needed for a firewall appliance Mark Tinberg (Oct 22)