need recommendations for hardware firewall, 100 users

My company's current firewall went just over the 50 user limit, and to avoid having to keep resetting the firewall to allow more connections again, I'm looking for a hardware firewall that will support 100 users or more.

I believe I need it to have built-in VPN tunnel support, using industry-standard VPN protocols, as well. We're expanding to a location with about 5 users, and they'll need to VPN in through the internet to our HQ's network and use the HQ's internet connection through the same firewall.

I also need support for multiple internet IPs.

I see them selling for close to $1000, which is beyond what my boss is willing to pay. I also see cheapies selling for $200, and I'm reluctant to go with one of those. So my price range is something in between the two.

Can anyone help?

Thanks, Dave

David K
Hi Dave,

You may wish to investigate the Firewall Appliance Category of Cisco's Product Advisor:

The Cisco Product Advisor narrows down Cisco networking products based on product features and business requirements.

The tool can be used in a novice, question-and-answer mode or in an expert, feature selection mode.

Once products are recommended, they can be compared on a feature-by-feature basis.

The results from Cisco Product Advisor may be used for further research and to promote productive discussions with your Cisco partner, account manager, or sales representative.

Brad Reese BradReese.Com Cisco Certified Network Engineer Jobs United Kingdom: 44-20-70784294 U.S. Toll Free: 877-549-2680 International: 828-277-7272 Fax: 775-254-3558 Website:
Well, you've got two problems:

100 Users is a problem because you have a cheap boss.

$1000 for a VPN capable unlimited user firewall appliance that also supports branch offices seamlessly.

I would suggest a WatchGuard Firebox III/1000 for the main office and then a SOHO-6tc for the remote branch office, but this is not $1000.

You could also purchase a FireBox 700 and then use a cheap SOHO VPN router at the remote office - dedicated IPSec tunnels to the main office.

There is also the cheap, not really a firewall method, that uses just two VPN routers - the $200 you mentioned. Since they are not firewalls you don't get any protection except for NAT, but since your boss is cheap that may be all you need. Many cheap units like the Linksys BEFVP41 support IPSec tunnels directly between two fixed IP addresses and they work quite well, but they are not firewalls.

If you have an email server inside the network, web server, database, etc., you really need a quality firewall appliance to protect the network.

Try to get a Cisco PIX 500 series firewall. I think you can get them for under $1000.00, and they also support VPN. You can visit my website

see almost every kind of commercial firewall.

Good Luck.

William Leythos wrote:

William Sun

There's also the build-your-own route... It's far cheaper money-wise, as any company with 100 users usually has a few spare machines already lying around. Depending on the implementation, the learning curve can be higher.

IPCop and m0n0wall are just a couple of the pre-rolled free options. You can also just install OpenBSD and learn about the wonderful world of pf, OpenVPN, etc... :)

If your boss is really so cheap as to skimp on a security solution, maybe this is a way around doing it half-assed.

Well, if your boss is that cheap on security he might as well just turn the firewall off.

If you set a level of spending on a 100 user multisite setup like that, you're asking for trouble. And it will cost you more in the long run fixing up security and performance issues.

