0

We own a Sidewinder G2 110D (out-of-stock) and love it. The product was reasonably priced, support was great, and the device was rock-solid. Since McAffee bought out SecureComputing, they have eradicated this level of firewall from their line-up.

We now need another firewall for a remote office of <20 users. The 110D price point and features were exactly what we needed. The only option we have (if we stick with Sidewinder) is to buy a 410D which is huge overkill for our needs. Any suggestions on what vendor to move to?

Two features we need are IDS/IPS and some sort of web filtering (we currently use SmartFilter with our Sidewinder).

Who should we go to next? Being able to pick up the phone and speak with native English speaking tech support was a huge plus with Sidewinder.

Can any devices interact with our existing SmartFilter setup?

Sysadminicus
  • 586
  • 4
  • 8
  • 19

6 Answers6

1

Have you considered buying a juniper netscreen type box? They're not super expensive if you buy on the secondary market and their sales force is super aggressive if you want to buy from them directly.

As systems go, they're easy to manage, fast, and reliable.

chris
  • 11,784
  • 6
  • 41
  • 51
  • How's their support? – Sysadminicus Aug 26 '09 at 21:20
  • Juniper is a world class vendor of carrier grade equipment and their support reflects this market position as well (ie it is 100% top notch as well). I'm not sure that it is cheap, though. I might use their support for a year then get equipment on the secondary market, but then I'm a tightwad. – chris Aug 26 '09 at 22:12
  • It's worth noting that screenOS has the questionable distinction of being even less friendly than PIXs. Although, the web gui is usablish. – Cian Aug 27 '09 at 08:36
1

You might try SmoothWall - (bias disclosure: I work for SmoothWall). You will certainly find the web filtering worth having, and whilst it won't talk to smartfilter necessarily, I am sure you will be able to negotiate a competitive upgrade.

Support is also handled by "real" support agents, not script-botherers :)

Tom Newton
  • 4,021
  • 2
  • 23
  • 28
0

You could take a look at an ASA5505 w/ an IPS card. I have no idea how SmartFilter works so i can't say for sure if it work with it, but You can make those little babies do just about anything although sometimes it takes a little convincing.

Zypher
  • 36,995
  • 5
  • 52
  • 95
  • No one got fired for buying Cisco, but I have found them expensive and a pain in the @ss to configure and manage. – tomjedrz Aug 26 '09 at 20:56
  • Yea, The device he linked was 1600 so a medium to high end 5505 w/ the IPS card would run about that, would never have suggested it if he was trying to replace a 400$ unit. Ehh, I never thought they were a paint to config and manage that but then again i've been using IOS for about 10 years now ... – Zypher Aug 26 '09 at 21:15
0

I wholeheartedly recommend Astaro. The Astaro Security Gateway is very reasonably priced and has the features you need plus several other worthwhile ones. It is easy to use and configure, and doesn't require much care and feeding.

tomjedrz
  • 5,964
  • 1
  • 15
  • 26
  • Their web interface is sooooo clunky and I found it really frustrating that I couldn't import and export large rulesets. – chris Aug 26 '09 at 21:08
  • I don't agree about the web interface, and they have a central management program for extensive configuration or multiple firewalls. I didn't expect a large rule set for a 20 user office. – tomjedrz Aug 26 '09 at 22:06
0

We've had good luck and support with our Fortigate Units. The Fortigate 60B should be a good fit for 20 people and has all the features you require and is about $1000. The support/maintenance with overnight replacement is about $600 a year after the first year. So your budget should cover the unit and 2 years of support.

I've got ours setup with IPSEC tunnels to several Secure Computing boxes, old SG300's.

They have a pretty good web interface but also have a decent CLI. You can also export and import the configuration from the box as an ascii file. And if you start to get more units they also offer some other offerings that make managing a bunch of units centrally.

3dinfluence
  • 12,409
  • 2
  • 27
  • 41
0

Just a follow-up. We are leaning pretty heavily toward Untangle right now.

Sysadminicus
  • 586
  • 4
  • 8
  • 19