I'm not sure there is something better then the SonicWALL TZ170 for the price.

formatting link
would sell that for less then retail and most anyone else. The subscription based services in my opinion are well worth it considering it covers all computers from the TZ170 and if you were to go software it would only cover 1-2 pcs. I am referring to virus and content filtering.

I have found when talking to sonicguard, they are so nice. Extremly wonderfull to do business with. There's a guy there named Tilly, that's not the correct spelling, but close. He's from South Africa or america, I think south africa, but forget. He's so nice and helpfull. It really is a pleasue talking to him. I called them asking for more info and he basically talked me into buying the TZ150. He helped me finalise my decision. I was already hoping that is what I'd get and he just helped me say yes for sure. I could not find anything on the market that did as much as the TZ150 for the same $289 price range. I looked for a week for like 1-5 hrs each day. Nothing. I myself wanted the IPS to block all p2p and the content filter. When I learned it could do all 3, content filter, IPS for p2p and virus, it blew my mind. I loved how lets you log into a virtual router using their admin software to see what features and settings it has. This made up my mind also cus it was so awesome to me. No other router/firewall appliance I've used has anything close to it. I've only tried a netgear, linksys, belkin and a couple zywalls.

One thing I like about sonicwall is when talking to them for support you get an email within a few minutes after the call. They enter in the issues and then it's in their ticket system. you get an email within minutes telling you that it was entered and where to go to update it, check on its status and so on. you can add comments and read techs comments as well. it's wonderfull.

Also with

formatting link
you have a 30 day money back guarantee as long as the device is not registerred. then there's a 15% restock fee. for me i tried it first as a firewall router to make sure i'd like it enough to keep it. once that happened i then signed up for the 30 day trials it comes with and then paid for the gateway security suite.

Reply to
Loading thread data ...

Here is a follow up to everyone's replies.

First a clarification. The servers are dual xeon 2.88 machines so they are overkill as it is. All the services listed will be running on ONE of the servers. It will have one smtp/pop email server (Rockliff Mailsite) serving up multiple emai/web/ftl domains each domain with different IPs. The machine that is being replaced by this new one already has multiple web sites and email domains as described - so I already know how to do all this on one machine, but thanks for the informative replies anyway? The other server is running an app that uses one "weird" port, lets say port 1234 and remote admin.


----- I talked to the sonicwall folks and for a "low end" router the TZ170 looks pretty serious for a great price. And it will handle everything I need to do here and the ability to filter spam/malware at the firewall level (Macfee engine- would prefer the nod32 engine tho) is a great feature. I am almost certainly going to go this route. Thanks for the tip!


----------- You said - "do you really want to allow POP to the server through the Public connection?" Well yes. My company has a domain name that has emails associated with it and I have users that need to read their email. I have had pop 110 open to the public for years now. Am I missing something here?


formatting link
looks cool! I don't have the time to deploy this setup with something like that but for future things like a better setup at the office putting an old PIII 600mhz machine to use for something like that is an interesting idea. Thanks for the tip.

William Tasso

------------------- In response to my statement:

All unneeded services will be turned off including windows file > sharing.

You said: "Are you sure? and incidentally, do you need to disable anything at all if you're servers are safely behind a good firewall?"

Well here is why. These two machines will physically be on the same LAN behind the firewall. I don't need file sharing between them. So I was thinking that if one was compromised it would be better to turn off windows file sharing on both machines to limit the possibility that the compromised machines could be used to hack the second. What do you think now that is clarified?

T. Sean Weintz

------------------- You said: Not the way he described. 1 outside IP address, 1 port (port 80) being natted to two different IP addresses - which one it gets natted two depending on the URL that was requested. Not to many firewalls do layer 7 aware natting like that.

Sorry for the somewhat vague first post. Each web site/ ftp site will have DIFFERENT IP addresses.

------------------------------------------------------------------------------------------ So, right now it looks like theTZ170 unless further comments tell me better.

This was my first post to this group. It rocks! Thanks everyone?

Reply to

No, if you've already got it secured and know that your users are using strong passwords then it's all good. I would have liked to see you use a VPN for company email and such, not having to expose the ports, but I'm guessing that you're not using exchange server.

Reply to
Leythos Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.