[AusNOG] Firewall thoughts

Haydn Cockayne h.cockayne at kolbe.wa.edu.au
Tue Mar 10 14:04:08 EST 2015 

Another vote for the Sophos UTM. Running it here with 1200 users and 1Gbit
WAN. Only thing I would recommended is getting the premium support - that
way you can skip your vendor and speak directly to Sophos.

*Haydn Cockayne* | ICT Operations Officer

Kolbe Catholic College <http://www.kolbe.wa.edu.au/> | Dowling St,
Rockingham, WA, 6168 <http://goo.gl/maps/SkJZ5>
Helpdesk: 9591 4222 | Direct: 9591 4207

On Tue, Mar 10, 2015 at 6:15 AM, Chris Gibbs <chris.t.gibbs at gmail.com>
wrote:

> Hey all,
>
> I'm currently working on a project for a client to implement a number of
> firewalls
>
> The main features I'm looking for are
>
> Virtual
> 1Gbps throguhput
> connections/sec will be quite low.
> OSPF
> VRRP / HA features
> Application inspection
> AV/malware inspection
> Centrally managed
>
> I have had the Checkpoint virtual appliances in a cluster with the
> associated central manager testing for quite a while. It fits the bill and
> works the way I want, it is now time to roll-out to other sites.
>
> However, licensing and bang-for-buck seems a bit extreme and I just want
> to do a final check before going down the Checkpoint path.
>
> Eventually it will be deployed to 9 sites with the same
> configuration/zones at each site. No URL filtering or VPN features are
> required.
>
> I have been looking at the Fortinet virtual series or Cisco ASA (with
> Firepower) and would appreciate people's thoughts.
>
> The ASA series I have quite a bit of experience with but they are not
> virtual and the "Firepower" components are very new to market. I also
> haven't had a chance to play with their central manager tool FireSight.
>
> Fortient I have zero experience with but they rated highly in the 2014
> Gartner report (If that is worth anything anymore??) and tick all the
> requirements. Any recommendations for supplies would be appreciated.
>
> I have also been looking at the Palo Alto Firewalls, which I have
> experience in but they are on the top end for price and based on my
> experiences with their 2050 series (slow management, random rebooting),
> would be a little worried moving onto their virtual platform.
>
> Cheers
>
> Chris
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150310/7e684b0a/attachment.html>

More information about the AusNOG mailing list