Well, I don't know if it can do what you want in one box, but I sure like the Cisco ASA devices. We replaced two of our three Pix firewalls (three different locations, connected by firewall-to-firewall VPN) with the comparable ASA device. Works well. I'm not a Cisco guy... I only know what I know (how to create VPN users) because I was given a "cookbook" recipe for creating a VPN user.
It's simple to manage and "just works." About the only thing I wish it did was NAT the connection from our Metro Ethernet circuit to our old T1 IP. We didn't want to change the dozen or so VPN users so we kept our old T1 IP and just put a Cisco router in front of our firewall to do the NATing. -----Original Message----- From: Richard Stovall [mailto:[email protected]] Sent: Friday, October 30, 2009 12:22 PM To: NT System Admin Issues Subject: New firewall recommendations Hola fellow admin peoples, I'm looking to replace our end of life Pix 515e firewalls. We have two, one for each inbound ISP. My SmartFilter subscription is also about to expire and I'm thinking I might like to move to a unified security solution. So far, the only candidate I've found is the Sonciwall NSA series, specifically the NSA240 for our size network. It looks like it can do: 1) WAN failover (1 firewall, multiple ISPs) 2) Traditional packet inspection / NAT, etc. 3) Layer 7 application inspection 4) Content filtering (to replace the SmartFilter) 5) A host of other buzzword goodies My questions are: 1) Are there any competing products that I should be loooking at? I can't seem to figure out if the Cisco ASA5500 series is comparable on all features. 2) Anyone have firsthand experience with the fully tricked out NSA 240 with the Gateway Security Suite of addons? Any comments you can share? 3) I seem to remember some pretty fervent anti-SonicWall comments here lately, mostly due to offshoring of tech support. Am I remembering that correctly? Is it really so bad as to knock SonicWall off the list of contenders? Thanks one and all for any suggestions/ideas/comments, RS ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.5.423 / Virus Database: 270.14.39/2469 - Release Date: 10/30/09 07:52:00 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
