[AusNOG] Firewall thoughts

Shane Chrisp shane at 2000cn.com.au
Tue Mar 10 11:31:33 EST 2015


On 10/03/15 06:15, Chris Gibbs wrote:


The Fortinet is brilliant. Though, we are a Fortinet Gold Partner, but 
we use them extensively in house and also at clients. Extremely reliable 
and flexible, but like most things, there is a learning curve.


-- 

Regards

Shane Chrisp
2000 Computers & Networks Pty Ltd
Suite 6, 49 Hay St, Subiaco, WA 6008
Ph 08 6298 7391 Fx 08 6298 7393
Mb 0412 409 856
Email shane at 2000cn.com.au
Web http://www.2000cn.com.au



> Hey all,
>
> I'm currently working on a project for a client to implement a number of
> firewalls
>
> The main features I'm looking for are
>
> Virtual
> 1Gbps throguhput
> connections/sec will be quite low.
> OSPF
> VRRP / HA features
> Application inspection
> AV/malware inspection
> Centrally managed
>
> I have had the Checkpoint virtual appliances in a cluster with the
> associated central manager testing for quite a while. It fits the bill
> and works the way I want, it is now time to roll-out to other sites.
>
> However, licensing and bang-for-buck seems a bit extreme and I just want
> to do a final check before going down the Checkpoint path.
>
> Eventually it will be deployed to 9 sites with the same
> configuration/zones at each site. No URL filtering or VPN features are
> required.
>
> I have been looking at the Fortinet virtual series or Cisco ASA (with
> Firepower) and would appreciate people's thoughts.
>
> The ASA series I have quite a bit of experience with but they are not
> virtual and the "Firepower" components are very new to market. I also
> haven't had a chance to play with their central manager tool FireSight.
>
> Fortient I have zero experience with but they rated highly in the 2014
> Gartner report (If that is worth anything anymore??) and tick all the
> requirements. Any recommendations for supplies would be appreciated.
>
> I have also been looking at the Palo Alto Firewalls, which I have
> experience in but they are on the top end for price and based on my
> experiences with their 2050 series (slow management, random rebooting),
> would be a little worried moving onto their virtual platform.
>
> Cheers
>
> Chris
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>




More information about the AusNOG mailing list