We use Sonicwall firewalls at work. The newest ones have available 'gateway antivirus' and 'intrusion/spyware prevention' using per packet inspection; both require an annual subscription from Sonicwall to get a continuously updated list of signatures and such, much like a subscription to get updated DAT files for a software antivirus package.
We're actually happy with these; they've been effective as an additional layer; while they can't stop everything they've reduced our incidence rate at the desktop level quite a bit (incidents being virus detected/access prevented/virus deleted or quarantined/malware prevented from loading/etc); we've been fortunate in not having an actual infection in a couple of years.
I'd love to get that kind of protection in place for parents, relatives, etc. Since I have a Sonicwall at home (older model, but then I don't run wintels so most of those new features don't matter to me anyway) I can have site-to-site tunnels set up to manage sonicwalls at any relative's location for them.
Unfortunately the cost of even the cheapest Sonicwall solution (TZ150) with the gateway antivirus and intrusion prevention is quite hefty. If it was just the hardware and annual support (for firmware upgrades; I've never had a hardware failure other than an easily replaceable power supply) it'd be fine, but the annual subscriptions, even with discounts from a reseller, add up to a point that home users with $600 Dell desktops throw a fit, and I certainly can't afford to buy it for the relatives _every year_ even if it ends up saving me many hours of "relative's peecee support".
So... are there any other firewalls or security boxes that can do "deep packet inspection" and weed out virii and malware/spyware/trojans, etc, on an external device that can be managed remotely, preferably via an IPSec VPN tunnel? For less than the cost of the Sonicwall solutions? Or are those premium features that only come at higher price points right now?
Thanks for any info.