[AusNOG] Firewall thoughts

Radek Tkaczyk radek at tkaczyk.id.au
Tue Mar 10 10:00:39 EST 2015 

Check out the Cyberoam or SophosUTM line – these will tick all your boxes.

Available in physical and virtual appliances.

Regards,

Radek Tkaczyk
Ph: 0413 383 231

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Chris Gibbs
Sent: Tuesday, 10 March 2015 8:16 AM
To: ausnog at lists.ausnog.net
Subject: [AusNOG] Firewall thoughts

Hey all,

I'm currently working on a project for a client to implement a number of firewalls

The main features I'm looking for are

Virtual
1Gbps throguhput
connections/sec will be quite low.
OSPF
VRRP / HA features
Application inspection
AV/malware inspection
Centrally managed

I have had the Checkpoint virtual appliances in a cluster with the associated central manager testing for quite a while. It fits the bill and works the way I want, it is now time to roll-out to other sites.

However, licensing and bang-for-buck seems a bit extreme and I just want to do a final check before going down the Checkpoint path.

Eventually it will be deployed to 9 sites with the same configuration/zones at each site. No URL filtering or VPN features are required.

I have been looking at the Fortinet virtual series or Cisco ASA (with Firepower) and would appreciate people's thoughts.

The ASA series I have quite a bit of experience with but they are not virtual and the "Firepower" components are very new to market. I also haven't had a chance to play with their central manager tool FireSight.

Fortient I have zero experience with but they rated highly in the 2014 Gartner report (If that is worth anything anymore??) and tick all the requirements. Any recommendations for supplies would be appreciated.

I have also been looking at the Palo Alto Firewalls, which I have experience in but they are on the top end for price and based on my experiences with their 2050 series (slow management, random rebooting), would be a little worried moving onto their virtual platform.

Cheers

Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150309/76e7204e/attachment-0001.html>

More information about the AusNOG mailing list