Peter,
Your pricing seems a little high, you may wish to investigate the Cisco Online Retailer Challenge:
Brad Reese BradReese.Com Cisco Resource Center Toll Free: 877-549-2680 International: 828-277-7272 Website:
I can get an SPI firewall for $80 (e.g. linksys), or something for $300 (e.g. sonicwall TZ 150). I am not interested in using VPN, virus protection or subscription service. Is there any reason to buy the $300 firewall?
This is to be used with DSL, so I need both firewall and NAT functions. My old sonicwall (soho) has a speed limit of around 1.8M/500K while my DSL actual limit is 2.8M/700K.
That experience is woefully out of date. That was true for their gen1 and gen2 devices, got better with gen3. Now with the gen4 devices, the cheapest box they make handles 30mbps.(tz150) next cheapest (tz170) does 90mbps. Mid range,(the 2040, 3060 and 4060) do 200-300mbps. Their high end (5060) will handle GIG at wire speed.
If you get a DECENT sonicwall (nothing that starts with "TZ" in the model number) and get the enhanced OS, the NAT setup and port mapping is one of the most flexible I have ever seen. However, we ain't talking $300 to get that - more like over a grand...
For home, the linksys is porbably just fine. Assuming it really does do SPI (I'm skeptical)
On Thu, 07 Apr 2005 16:01:38 -0400, T. Sean Weintz spoketh
I did some speed tests with the first SOHO10 units, primarily for encrypted traffic (DES and 3DES) just to see if the device would be a bottleneck with the connections we had at the time. Although the results may not have been impressive, the Sonicwall was still not going to be the bottleneck, the DSL connections were too slow to keep up with the device.
I'm sure if someone cares (it's been 5 years since the test), I'm sure I posted the results here somewhere at one point, so it should be archived at google...
Lars M. Hansen
Not trying to "bash" the sonicwall but in my experience most of their mid-to-low price line products suffer from serious speed problems, if possible I'd look for another brand
Regards
Interesting... that unit was already obsolete 5 years ago. I think they eol'ed it like 6 or maybe even 7 yearts ago. Was replaced by the soho2/10, and then the soho3/10. both of THOSE are also no longer made - comparable uinit would be a TZ150.
I just found a work-around for my sonicwall speed limit problem.
Turns out if I disable all the IP filtering (mostly to block ad sites and spam sites), then it can handle the DSL speed without problem. I guess I'd move that list into my host file.
Now I get 2.5M/700K. Not sure if the difference between 2.5M and 2.8M that I got without the firewall is still caused by sonicwall or just fluctuation in line speed, but it's so minor I don't care.
Take a look at a Watchguard SOHO6 or a Firebox Edge 5W. I have a SOHO6 Firewall and love it. You can control inbound and outbound ports with it and it is easy to set up. A good place to start looking is on ebay. I bought my there and saved a lot of money.
Buy a Linksys WRT54GS and spend $20 on the Sveasoft firmware for it. That's my pick for $100 (or less) any day. Best little cheap Linux box around.
-Bob
On Thu, 07 Apr 2005 18:59:11 -0400, T. Sean Weintz spoketh
No, I don't think so. We bought them new the fall of 1999 (that's really the earliest it could have been), and the new SOHO2's were not on the market at that time. The SOHO2 didn't come out for at least another year.
Lars M. Hansen
Check out linux\\FreeBSD you can do everything you need with a cost of an old pc laying around...
Michael
In short, there is no reason to buy the Sonicwall if all you want is SPI.
However, if you want a firewall that will protect your network thats a different story. Sit on a network with even a TZ170 running SPI, IPS, GAV, and Anti-Spyware and you'll soon be praising it.
I've done some testing on the TZ170 and it clocks about 5Mbps with all those features running. Nothing amazing, but suitable for most small business apps and acceptable for the gains in security vs throughput vs price.
In article , Michael Pelletier wrote: :Check out linux\\FreeBSD you can do everything you need with a cost of an old :pc laying around...
Plus the cost of the time needed to learn how to configure and secure it, and the time to figure out which packages you should use (and which not).
Keeping up with Linux can be like trying to keep up with the major plotline developments in a few thousand soap operas.
Hmm... I bought my soho3's mid 2001. By then the soho2's were no more.
I coulda sworn the life cycle of the soho2's was longer that just short of 2 years.
In any case, the benhmark is of a 4 generation old piece of hardware. Good to know if you are buying one used I suppose.
Uh
Regards
On Mon, 11 Apr 2005 12:50:39 -0400, T. Sean Weintz spoketh
It was in response to the "speed problems" post, which I believe is not only for an old product, but also incorrect. In my experience, the SOHO/10 performed very well, and the units were not the bottlenecks on my network...
Lars M. Hansen
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.