We are setting up a new office network and would like some advise/experience on firewalls. I have looked at the messages but am still confused :)
Today we have a single external connection (business cable 2/4) but may want to expand with a backup. There will be 2-3 externally visible servers with their own IP and a small LAN - 15 users. We need VPN access (10 licenses) to the servers for external users. We will probably set up the internal lan using a "store" router for NAT but could also use the firewalls NAT. We would like (of course) as much protection as we can get - including intrusion, VP. The degree of "inspection" on the firewall is important but it is hard to see around the marketing. I expect to set up some wireless, but using a separate access point - we will also set up a "guest" wireless (possibly outside the firewall). We also want to make sure we can still use applications - FTP, Netmeeting, etc.
It is even hard to tell what these things really cost when you get the protection packages. I have listed what I THINK they cost. Questions I have are;
- Degree of protection
- Expected life/upgrades
- Support for multiple IP addresses and routing
- Real cost
- Complexity to admin (Tech users but no dedicated support)
- Marketplace position
We are looking at;
Checkpoint Safe@office 225 Comprehensive security $1230 ($180 per year)
-- Or perhaps VPN-1 Edge, seems similar
-- Best "deep inspection"?
-- Market leader?
Juniper NetScreen 5GT Extended $1100
-- Well respected, solid
Fortigate 60 all in one security bundle $800 ($350/year)
-- Fast but may have more limited protection? Hard to upgrade due to hardware?
-- No user limits
-- Best deal and good rep, But not much of a market leader?
SonicWALL TZ 170 25-Node Comprehensive Gateway Security Bundle $750 (May be more hidden $)
-- But it looks like VPN clients are $$30/each, so ad $300!
-- Hints of stability problems.
-- Market leader?
Cisco PIX 501
-- Seems to lag the others
We would really appreciate thoughts and experience!