Friday, January 28, 2011

Please advice me some good enterprise UTM's/Firewalls?

Hello,

Please tell me an Enterprise UTM/Firewall list from where I can choose which firewall to buy...

I'm currently trying Cyberoam and Kerio Winroute among the commercial ones.

I've tried ISA server and popular opensource distro's.

You can include both opensource distro's and commercial names..

Thanks.

  • Here are two options you may want to check out:

    IP Cop is a Linux distro that I have heard some good things about. This solution was implemented over a year ago at a local non-profit and has been running solid ever since.

    Watchguard is a commercial appliance that we ran at one of my last job sites and that I was really impressed with. Not only will it handle threat mitigation, but it can also provide VPN for your network and some of the models come with built in wireless capabilities.

    Adam Gibbins : Watchguard systems are nice, I've used a Firebox and the logging features were somewhat to be desired however, it lacked simple things such as filters.
    Harper Shelby : The only Watchguard system I dealt with (an older one) had limited support for semi-complex routing rules (that I knew the underlying Linux kernel could handle).
    David : I demoed a Watchguard Firebox unit a couple of months ago. It didn't do anything more than the other firewalls out there. It just cost less. One thing that turned me off was that for some of the extra features (web filtering for example), a Windows box was required to host the database. So much for "all in one". In the end, OpenBSD + pf was the winner.
    Luis Ventura : Just like David I also used a Linux for some time but it did not meet my expectations. In the end I settled for pfSense which uses FreeBSD + pf, along with a great web interface for easy management.
    From Psycho Bob
  • Have you looked at Checkpoint?

    David : We were loaned a Checkpoint to get us through a DOS. One plus was it worked in bridged mode. The downside was it required major hardware to get it to perform acceptably.
  • SonicWall has a great line of appliance hardware and subscription based services. You can check them out here

    If you're looking for something cheaper there is a good list at the wikipedia

    From thinkhard
  • Take a look at Astaro. They sell ready UTM devices with their software installed (do a 30-day trial to see if it does what you need). If you have a spare computer with 2 ethernet cards, you can download Astaro for free and install it to make a dedicated router. They even have VMWare appliances available.

    Another option is m0n0wall, which is completely free. It's based on FreeBSD. Like the free version of Astaro, you install it on a computer to turn it into a dedicated UTM device.

    There's also Smoothwall, which is Linux based and installed like Astaro or m0n0wall.

    All of these are excellent products and should do what you need.

    trent : Having used both Smoothwall and M0n0wall I would use m0n0wall ... it is really a great product especially for the price. also check out pfsense a monowall derivative
    From Magus
  • We recently switched from an aging Watchguard to a Juniper SSG and have been really impressed. The SSGs come in a number of models depending on performance and feature requirements. We don't use many of the UTM features so I can't speak specifically to those, but you should definitely put Juniper on your list.

    http://www.juniper.net/us/en/products-services/security/ssg-series/

    Clint Miller : Love the Juniper (Netscreen) models. We have an SSG 140 that's great for us.
    From Elias
  • Try out this.http://www.fortinet.com/ One of our client is already using and its doing wonderful job.

    Grishanko : Fortinets products work very well, we Deploy them regularly. Very reliable and with the subscription the anti-virus at the firewall save the network from many viruses.
  • Check out pfsense. FreeBSD+pf based. The web based interface is easy to use. The download CD is both a live and an install image, so you can try it with out having to install it. A VMWare appliance is also available for testing if you don't have a spare box laying round. pfsense also comes with a selection of add-on packages that install with the click of the mouse. Check them out too as they may add a feature your looking for (or wanted but didn't know it yet).

    From David
  • If anyone interested an open souce firewall you can look into Untangle UTM or endian UTM. Very impressive UTM consist of firewall , openVPN , Web filtering , IDS and more.

  • I recommend you try Ideco Gateway (www.idecogateway.com)

    excellent firewall/vpn/router/shaper and more

    you'll need to download an iso image from the site and burn it to a cd and install from there

    Although it's commercial prices are really good, times better than ISA or Kerio and more secure because it's based on Linux

  • I would recommend that it is also worth looking at SmoothWall's UTM and commercial firewall offerings. I won't comment on the quality of the kit - as I am irretrievably biased (I work @ SmoothWall).

    From Tom Newton
  • Gartner has a June 2009 report out for Small/Midsize business devices, top contenders were from:

    Watchguard Fortinet SonicWall

    All do weeny little appliances for your remote offices right up to mega sized highly-redundant multi-WAN boxes for your Headquarters.

    If you need more 'Enterprise' sized boxes then you'd be looking at something from Cisco or Juniper Networks probably.

    Watchguard have recently released their XTM (version 11) software which gives all their products a good overhaul. They also do some agressive trade-in pricing if swapping over from other manufacturers.

    From
  • You cant beat a DEC SEAL firewall !

    From Fred

0 comments:

Post a Comment