[AusNOG] Firewall thoughts

David Walsh davow at onthenet.com.au
Tue Mar 10 16:27:09 EST 2015


Pfsense?

http://www.smallnetbuilder.com/other/security/security-howto/31433-build-your-own-utm-with-pfsense-part-1 <http://www.smallnetbuilder.com/other/security/security-howto/31433-build-your-own-utm-with-pfsense-part-1>


David Walsh
OntheNet - Senior Systems Engineer
P 07 5553 9222
F 07 5593 3557
Level One, 165 Varsity Parade Varsity Lakes Qld 4227 (Map <https://goo.gl/maps/p25WF>)
www.OntheNet.com.au <http://www.onthenet.com.au/>

 

 <http://www.facebook.com/OntheNet>  <http://www.linkedin.com/company/onthenet/>  <http://twitter.com/OntheNet_ISP>
NOTICE:

This e-mail and any attachments are private and confidential and may contain privileged information. If you are not an authorised recipient, the copying or distribution of this e-mail and any attachments is prohibited and you must not read, print or act in reliance on this e-mail or attachments. Any pricing information supplied via email is an estimate or indicative only and may require a formal quotation to verify full terms and conditions.


> On 10 Mar 2015, at 8:15 am, Chris Gibbs <chris.t.gibbs at gmail.com> wrote:
> 
> Hey all,
> 
> I'm currently working on a project for a client to implement a number of firewalls
> 
> The main features I'm looking for are
> 
> Virtual 
> 1Gbps throguhput
> connections/sec will be quite low.
> OSPF 
> VRRP / HA features 
> Application inspection
> AV/malware inspection 
> Centrally managed 
> 
> I have had the Checkpoint virtual appliances in a cluster with the associated central manager testing for quite a while. It fits the bill and works the way I want, it is now time to roll-out to other sites.
> 
> However, licensing and bang-for-buck seems a bit extreme and I just want to do a final check before going down the Checkpoint path.
> 
> Eventually it will be deployed to 9 sites with the same configuration/zones at each site. No URL filtering or VPN features are required.
> 
> I have been looking at the Fortinet virtual series or Cisco ASA (with Firepower) and would appreciate people's thoughts.
> 
> The ASA series I have quite a bit of experience with but they are not virtual and the "Firepower" components are very new to market. I also haven't had a chance to play with their central manager tool FireSight.
> 
> Fortient I have zero experience with but they rated highly in the 2014 Gartner report (If that is worth anything anymore??) and tick all the requirements. Any recommendations for supplies would be appreciated.
> 
> I have also been looking at the Palo Alto Firewalls, which I have experience in but they are on the top end for price and based on my experiences with their 2050 series (slow management, random rebooting), would be a little worried moving onto their virtual platform.
> 
> Cheers
> 
> Chris
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150310/2515564c/attachment.html>


More information about the AusNOG mailing list