Thanks Matt, that was a helpful summary. I never really realized all the software based options. I do have a spare PowerEdge tower I could use. Oh, and just IPsec.
-Sam -----Original Message----- From: Matthew W. Ross [mailto:[email protected]] Sent: Monday, March 09, 2009 5:14 PM To: NT System Admin Issues Subject: Re: Firewall Recommendations There are so many to choose from! Most anything that's stable will work for what you're asking for. Even some consumer grade routers can do the VPN, but those are usually underpowered. What kind of VPN are you going to try to do? Clientless SSL Tunneling? IPSec? OpenVPN? I usually fall back to the various software-based solutions: ClarkConnect, SmoothWall, pfSense, Endian, and others are all excellent solutions that just require an older workstation with 2 or more NICs. I like these because I can fix it. Basically free if you have a spare box. Stepping up from there, you have the consumer grade routers. If you're considering one of these, you'll find them slow, unsupported after a few years, and difficult to repair if they break. I'd avoid them, look back at a software box... or... Go for the gusto with a full fledged router/firewall box. Whatchguard, SonicWall, Cisco, Astaro, Juniper, etc... Some are more complicated/expensive than others, so find the one that fits your needs. Good luck! --Matt Ross Ephrata School District ----- Original Message ----- From: Sam Cayze [mailto:[email protected]] To: NT System Admin Issues [mailto:[email protected]] Sent: Mon, 09 Mar 2009 14:04:56 -0700 Subject: Firewall Recommendations > Alright, this is continuation of my previous post regarding a Site to > Site VPN endpoint, but it turns out I will need a full blown > Router/Firewall. (The new ISP is no longer will be providing me with > one...) > > I little info: > > This is for a very small office > I prefer simple setup; GUI preferred. I am not an networking expert; > most of our firewall management is performed by a solutions provider. > Only about 4 NATs, 20 users, VPN needed SonicWall is sore spot for me. > I know many of you will recommend it... > I have used a TZ170 a few years ago. The support was horrendous and > they could not figure out why all the users where constantly > disconnecting from VPN. The VPN Client Software was terrible as well. > I trashed it after 2 weeks. > > Bonuses: > Dual WAN connection and or/ > EVDO Card PC Slot > > > Thanks, > > > > Sam Cayze > Information Technology Administrator > ROLLOUTS > ONSITE * ON DEMAND > > 952.279.6218...Direct Dial > 612.386.3946...Mobile > 877.471.6495...eFax > www.Rollouts.com <blocked::http://www.Rollouts.com> > www.e-Technicians.net <http://www.e-technicians.net/> > > CONFIDENTIALITY NOTICE: This email and any attachment(s) are intended > only for the designated recipient(s). Rollouts Incorporated prohibits > use, distribution or transmittal by or to an unintended recipient > without Rollouts' express written approval. If you are not the > intended recipient, please delete this email and notify Rollouts. > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
