1. Home
  2. Networking Firewalls
  3. Recomendation for firewall

Recomendation for firewall

I plan to update our hardware firewall. I seem to have narrowed the selection down to the D-link DFL-800 and the Cisco 1712 both are around the =A3600 mark.

I have used cheaper models from 3com and Netgear in the past and both have been unsufficient for the kind of application we need them for.

We need a model that is relativley easy to configure but still allows a large amount of "customisation".

If anyone has any views on these models or could suggest something that I may have missed....

Thank you.

Richard

Reply to
rich.nw3
Loading thread data ...

You have not provided much in the way of requirements, and you've not=20 selected much in the way of a firewall.

Check on the WatchGuard X700 unit, it's not cheap, but it's got a lot of=20 features and can be setup with LOTS of custom rules.

--=20

snipped-for-privacy@rrohio.com remove 999 in order to email me

Reply to
Leythos

thanks. I should hope it would be good for =A31200'odd - not really in my =A3600 pound bracket though.....

Reply to
rich.nw3

You've not really told us what all you need to do.

There are reasons the base firewall appliances cost in that range=20 (sorry, I'm in the USA, don't have a pounds conversion handy), and it's=20 about features and capacity.

I've got a DFL-800 and a couple others here in the lab, they are nice=20 base units and I consider them good for homes/soho's, but I don't use=20 them as PPTP Endpoints.

What services are you offering the public?

What protection from the LAN out are you looking for? =20

--=20

snipped-for-privacy@rrohio.com remove 999 in order to email me

Reply to
Leythos

Apologies if I was unclear. Here we go:

We run a hedge fund with 6 active users and a total of 15 pc/servers. We are 100% reliant on the internet for price feeds, emails, etc, etc.

On top of that we have file server replication and public folder replication out to a remote site via VPN of about (3 gb) a day.

We do not serve anything out to the public.

We need to provide for 6 vpn tunnels for users and 1 vpn tunnel for the replication.

This all has to be reliable as the biggest problem we have had is the

3com kit hanging.....
Reply to
rich.nw3

The WatchGuard X700 will do it, and it will be rock solid and it will also allow you to strip content out of HTTP and SMTP sessions (like files that should never make it inbound).

I know it's expensive, but, of you are managing money for others, then you should have that level of firewall.

The X700 has a real LAN and DMZ network, not just an IP in the same network, it has real isolated networks for each, and you could easily setup your VPN's to work with your off-site storage.

The x700 also allows PPTP (as it acts as an endpoint for many connections) and you can purchase (if it's not included) VPN Client software for IPSec connections for remote users.

Reply to
Leythos

Have a look at the FortiGates,

formatting link
The FG60 should be more than adequate for that needs, you can set up multiple Internet feeds for failover as well as content control of what goes through the box for security or productivity, including IPS scanning of VPNs terminated on the unit.

-Russ.

Reply to
Somebody.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.