Fog Creek Software
Discussion Board




SOHO Firewall/Filter recomendation??

Hi all!!

I'm looking for a firewall/VPN appliance for the company I work for. The idea is to be able to stablish an VPN between our two offices, and also to do firewalling / content filtering as easily as possible.

The number of users is quite low (on the order of 50 or less), so the idea is to get something that is not too pricey, but that is easy to set-up / mantain (so that rules out the "homebrew" Linux+netfiter/iptables, FreeBDS+ipf or W2K+IIsa Server DIY solutions).

Any and all recomendations, pointers, or advice would be greatly appreciated.

Javier Jarava
Thursday, August 19, 2004

Check out the Cisco PIX line - you can get a starter at $300. Gives you full firewall/NAT/routing capabilities. One huge caveat - don't bother with the GUI; just write the config files directly.

Upside: You can learn IOS
Downside: You have to learn IOS

Philo

Philo
Thursday, August 19, 2004

A customer whose two offices are connected by ADSL had good experience with this Zyxel:

http://www.zyxel.com/product/model.php?indexcate=1022049819&indexcate1=1021877946&indexFlagvalue=1021873638

Fred
Thursday, August 19, 2004

Thanks for the advice. Will check the Cisco kit.

Someone has pointed me towards the 3Com OfficeConnect VPN Firewall, and/or (depending on users) the SuperStack or OfficeConnect SecureRouter products. From what I can see, the VPN firewall is very VPN-Oriented (50 VPNs at a time is quite a number)... In any case, anyone has any experience with that kit??

Also, any news on other MFGs. that I should check? (linksys comes to mind...)

TIA

Javier Jarava
Thursday, August 19, 2004

ne touchez le Netware pas.

trollop
Thursday, August 19, 2004

I've installed a Cisco PIX a few weeks ago, and this is a real pain.
The GUI Configuration is made for some rentacoder anti-Cisco programmer, and the old-way configuration "language" is the worst and ugly i've seen.

take it only if you can waste several nights in change-testing-error, or if you want to appears how a Cisco guy, these that -as some other programmers-  enjoy with complexity.

The best way is purchase the Cisco PIX along with several hours of Cisco tech people installation-pack.

In 2004 I can't understand how can be so difficult to define the most simple rules.

It took us two weeks to configure, with Cisco support "helping us" via phone, but at end -of course- the PIX is running after an personal visit from Cisco certificate tech guy and made some little changes to the configuration.
Even now the configuration file is hard to understand, and you need to colect several books from a large documentation facilities in cisco.com.

long life to the complexity.

(sorry my "English")

Guillermo
Thursday, August 19, 2004

Recently I purchased the Watchguard X series firewalls after a long review of firewall appliances.  The configuration is pretty easy (this is reletive to your networking knowledge).  The X series allows you to purchase lower-end firewalls that are upgradable via a software key.  Their SOHO products contain very simulare software (if not the same) as there higher end products, so setting up two offices isn't a larger learning curve.  I have been generally pleased with the product.  There is no firewall product out there that is perfect.  Cisco PIX is VERY expensive and a pain to configer and Sonic Wall is said to have a poor user interface.  I hope this helps somewhat.

BCS
Thursday, August 19, 2004

I really like the SnapGear product line. They aren't difficult to use and pretty much "just work".

http://www.cyberguard.com/snapgear/products.html

P.S. They seem to have changed their name to CyberGuard.

John Bush
Thursday, August 19, 2004

Sonicwall are great.

.
Saturday, August 21, 2004

I am using Sygate personal firweall, its free and I'm quite happy

cuzi
Wednesday, August 25, 2004

*  Recent Topics

*  Fog Creek Home