It really depends on what constraints you have. Do you care about:
cost? performance? support?

Personally, for cost-constrained applications of 1 Gbit/s or less
(assuming modestly-sized packets, not all-DNS for example), I like
OpenBSD/pf or Linux/netfilter and generic x86 64-bit servers.
It's cheap, deeply customizable and since everything touches a CPU, it
allows for deep traffic inspection.

The tradeoff is that there's no support from major vendors, but there
are many smaller but very experienced consulting shops that can
integrate any patches and fix and issues that may arise.

What kinds of things are you looking for?


On Tue, Nov 8, 2011 at 3:06 PM, Jones, Barry
<> wrote:
> Hello all.
> I am potentially looking at firewall products and wanted suggestions as to 
> the easiest firewalls to install, configure and maintain? I have a few small 
> networks ( 50 nodes at one site, 50 odd at another, and maybe 20 at another. 
> I have worked with Cisco Pix, ASA, Netscreen, and Checkpoint (Nokia), and 
> each have strong and not as strong features for ease of use. Like everyone, 
> I'm resource challenged and need an easy solution to stand up and operate.
> Feel free to ping me offline - and thank you for the assistance.
> ----------------------------------------
> Barry Jones - CISSP GSNA
> Project Manager II
> Sempra Energy Utilities
> (760) 271-6822
> P please don't print this e-mail unless you really need to.
> ----------------------------------------

Reply via email to