Firewall Options

Kadz

Member
Joined
Aug 16, 2019
Messages
22
Hi Guys,

I would like some input into our firewall options for our company.

We are a single SMB which has +- 200 users. Single site.
About half the users are employees and are managed via AD. The rest are external providers or guests connected to separate VLANs not on AD.

We currently have 2 Cyberoam (now Sophos) firewalls. 1 is a failover. With Sophos, we apparently save on the licensing on the failover.

Our hardware is coming out of support and warranty, so we won't be able to renew for longer than a year.

Any suggestions?
 

SpiderGear

Well-Known Member
Joined
Mar 8, 2010
Messages
389
For 200 users you can just about run anything, depending on how technical you want to get and if you want any UTM functions.

Roll your own with OPNsense/pfSense or spend some $$$ and get a PA or similar.
 

InvisibleJim

Expert Member
Joined
Mar 9, 2011
Messages
1,055
I'm equally happy with either Fortigate or Sophos. Both very good and we tend to take them on managed/rental options as you are always going to have a regular licensing component with these options anyway.

I'm a big advocate of open source and over the years I've made use of ClearOS, Endian, Untangle and others - Generally I found that certain features such as application layer filtering tend to be only available in paid packages - when we costed upgrading Untangle to the paid license a few years ago it was more or less the same as the Cyberoam option.
 

syntax

Executive Member
Joined
May 16, 2008
Messages
7,730
The issue with security deployments at the moment is they are done in isolation. Isolated tools doing isolated jobs.
Integration between security products as well as a defined security strategy is what you should be aiming for.

I would suggest looking at a UTM device that fits into a security strategy. Your UTM firewall should ideally be part of a security fabric or framework and share information to allow event correlation and enforcement from multiple points. You should be selecting your access layer, endpoint security, perimeter security etc. all based on how they can, and how easily they can, integrate with each other.

Using this you might not have the best individual product, but your overall security will be better, more functional, cheaper and less operationally heavy.

Lastly, please don't chase the "quadrant". Chasing the Gartner quadrant will typically result in isolated, best of breed products that whilst individually are great, overall don't offer what you should be looking at.

Very last point, if you are going to base opinion on reports, NSS is typically better than Gartner. NSS actually tests the security features of the products.
 

r00igev@@r

Expert Member
Joined
Dec 14, 2009
Messages
3,765
Look at WatchGuard. Damn fine bit of software and can be run as a cloud service with edge security.
 