Firewall Wizards mailing list archives
Re: Once again..appliance firewall input requested
From: "Adrian Grigorof" <adi () grigorof com>
Date: Sat, 22 Jan 2005 14:07:22 -0500
Another vote for Pix here... Never had one problem with them (since 2000). I develop firewall log analyzers and I worked with many brands of firewalls: Netscreen, ISA, Checkpoint, Raptor/SEF/SGS, SonicWall and many others but Pix is by far my favorite. Many times you can find them on eBay at bargain prices... but even new, they are still cheap in comparison with other firewalls in their class. Regards, Adrian Grigorof www.firegen.com FireGen Firewall Log Analyzers ----- Original Message ----- From: "Matt Bazan" <Mbazan () onelegal com> To: <firewall-wizards () honor icsalabs com> Sent: Thursday, January 20, 2005 3:57 PM Subject: [fw-wiz] Once again..appliance firewall input requested Ok <takes deep breath>..I may be in need of a replacement solution for our current firewall appliances (two NetScreen 50s running in an active / passive high availability solution). For reasons I won't get into (NS being purchased by Juniper?) my trust in these units has been badly eroded. I'd like input on what people are using and their satisfaction levels with them. Our requirements: 1) We run a rapidly growing 24X7 web presence. As our Internet uplink is 4Mb (ok, this will soon be going up..but only by a couple Mb..) we don't need a beefy packet pushing device. 2) We have 25 or so inbound NATs. I like to have 'granular' control over source and dest NAT. By this I mean being able to split these features based upon traffic flow and not having to create the typical bi-directional NAT mapping. 3) Need for 20 or so box-to-box VPNs. Auto key and manual key with the usual VPN flavors 4) The basic requirements for setting policy based access (blah blah) 5) 3 interfaces (4 ideal) 6) High availability solution 6) Static routing only 7) Intuitive web gui 8) 'Robust' command line feature set 9) Detailed reporting 10) Configuration flexibility a must. I'll leave this to your imagination. 11) Something I can setup and it will *work* *work* *work* 12) I'm sure there's more I'm forgetting but I'm suffering from NetScreen induced sleep deprivation and am tired of typing. 13) <=$15K for pair of units _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Once again..appliance firewall input requested Matt Bazan (Jan 21)
- Re: Once again..appliance firewall input requested Victor Williams (Jan 21)
- Re: Once again..appliance firewall input requested Jason Hamilton (Jan 21)
- Re: Once again..appliance firewall input requested Adrian Grigorof (Jan 24)
- Re: Once again..appliance firewall input requested Jason Hamilton (Jan 21)
- Re: Once again..appliance firewall input requested Kevin (Jan 24)
- Re: Once again..appliance firewall input requested Victor Williams (Jan 21)