PaulDotCom mailing list archives
Friendly SOHO router
From: raffi at flossyourmind.com (Raffi Jamgotchian)
Date: Fri, 6 Mar 2009 22:02:44 -0500
I've set up and used a half dozen Astaro boxes and endorse them. On Mar 6, 2009, at 9:46 PM, Jack Daniel wrote:
I have not played with Palo Alto myself, but people I respect in the field speak well of them. I tend to play in the SMB market, and Palo Alto is pretty far up the food chain for my world. Remember my previous disclaimer before reading on- I work for Astaro, a competitor in the SMB firewall/UTM network security market. As far as SonicWALL, a lot of folks use them, they have some very competitively priced systems, and they work. I have installed and supported them in the past, they weren't bad, but I wasn't really impressed. The do have a newer line of systems (NSAs) which appear to be a lot better, but I've heard from "Bob" that they may need some hardening/patching if you want them to stand up to advanced and sophisticated attacks (like fragmented packets from of-the-shelf tools). I am sure they will be patched soon, if they haven't already. My experiences with them led me to look for alternatives, that's how I ended up working for Astaro. Most devices in the "UTM" space have more features than needed for this job, although some license the add-ons for web and email separately (like my corporate overlords' products), which might make them affordable enough. At 20 IPs, even just going with the base features (Firewall/VPNs/IPSec) Astaro would be out of the target price range. Astaro and some others offer leasing options if the initial purchase price is a stumbling block, but I don't know if anyone has options this far down the line- it might be worth asking, though. Watchguard was a leader in the UTM space, and they have new stuff coming, but I don't know how much real innovation they have had lately. There is a project, built on Open Source bits called Untangle. It isn't a great product, especially compared to any of the commercial alternatives (I love competing against their commercial products)- but they have a free offering if a build-your-own unit is a possibility. The GUI isn't bad, especially for the price. Just stay away from their stupid "Re-Router" technology, it is just arp-cache poisoning your network to redirect traffic to a VM on a Windows workstation on your network. And, remember to factor the annual renewals into your calculations- those can be a shock at the end of the year when renewals are due. Jack _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090306/a8756548/attachment.htm -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 195 bytes Desc: This is a digitally signed message part Url : http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090306/a8756548/attachment.pgp
Current thread:
- Friendly SOHO router, (continued)
- Friendly SOHO router infolookup at gmail.com (Mar 06)
- Friendly SOHO router Stephen Reese (Mar 06)
- Friendly SOHO router Raffi Jamgotchian (Mar 06)
- Friendly SOHO router xgermx (Mar 06)
- Friendly SOHO router Stephen Reese (Mar 06)
- Friendly SOHO router Dan McGinn-Combs (Mar 06)
- Friendly SOHO router Gregory Baker (Mar 06)
- Friendly SOHO router Russell Butturini (Mar 06)
- Friendly SOHO router Stephen Reese (Mar 06)
- Friendly SOHO router Jack Daniel (Mar 06)
- Friendly SOHO router Raffi Jamgotchian (Mar 06)
- Friendly SOHO router Stephen Reese (Mar 06)
- Friendly SOHO router Russell Butturini (Mar 06)
- Friendly SOHO router Karl Schuttler (Mar 06)
- Friendly SOHO router Stephen Reese (Mar 06)
- Friendly SOHO router Kim White (Mar 07)
- Friendly SOHO router MV (Mar 08)