SMB firewall options
-
@BRRABill said in SMB firewall options:
@scottalanmiller said
Partly why I like PA so much
But they do more than a traditional firewall, less then a "full" UTM.BTW, at MC you mentioned $10K as an entry point to PA.
We have the PA-200 and it was less than $3K.
And like $1.2K ongoing a year for subscriptions, support, etc..
Not so bad!
-
@BBigford we use Peplink BPL-ONE-CORE. Its been pretty nice and their support has been great. We have ~65 users total
-
@Jason said in SMB firewall options:
@BRRABill said in SMB firewall options:
@scottalanmiller said
Partly why I like PA so much
But they do more than a traditional firewall, less then a "full" UTM.BTW, at MC you mentioned $10K as an entry point to PA.
We have the PA-200 and it was less than $3K.
And like $1.2K ongoing a year for subscriptions, support, etc..
Wish ours was that cheap.
The PA-200 is probably way under powered for you, though!
-
@BRRABill said in SMB firewall options:
@scottalanmiller said
Partly why I like PA so much
But they do more than a traditional firewall, less then a "full" UTM.BTW, at MC you mentioned $10K as an entry point to PA.
We have the PA-200 and it was less than $3K.
And like $1.2K ongoing a year for subscriptions, support, etc..
Damn, that's what I paid for Sonicwall years ago.
-
@BBigford said in SMB firewall options:
@zuphzuph said in SMB firewall options:
Untangle.
You've gotten to mess with that more than I have. Have you checked out the content filtering and such? Does it have a VPN client? I couldn't remember if OpenVPN is available on that or if I'm thinking of pfSense...
-
@zuphzuph said in SMB firewall options:
@BBigford said in SMB firewall options:
@zuphzuph said in SMB firewall options:
Untangle.
You've gotten to mess with that more than I have. Have you checked out the content filtering and such? Does it have a VPN client? I couldn't remember if OpenVPN is available on that or if I'm thinking of pfSense...
Don't feel bad @zuphzuph - I installed Untangled at two NPOs and and if I could have found a small enough PC to run it at home years ago I would have. However - I was 'coerced' into not doing so and that it was a bad idea.
I have a UBNT ERL here at home now, I know one Untangled box I installed has been pulled, as it's now in the scrap pile here at home. Since it was hardware I had bought personally, they gave it back to me (minus the drives).
There are times though I still would like to have one running, just for giggles..
-
@Dashrender said in SMB firewall options:
@BRRABill said in SMB firewall options:
@scottalanmiller said
Partly why I like PA so much
But they do more than a traditional firewall, less then a "full" UTM.BTW, at MC you mentioned $10K as an entry point to PA.
We have the PA-200 and it was less than $3K.
And like $1.2K ongoing a year for subscriptions, support, etc..
Damn, that's what I paid for Sonicwall years ago.
You could have had a PA!!
Actually realized that the PA offices in Texas are very close to my house. Drove past them last night.
-
Like I said, the specs aren't the best for large places, but for us, way more than adequate.
Specs of the PA-200:
Firewall throughput 100 Mbps
Threat prevention throughput 50 MbpsIt's like anything ... yes, I could do it myself, but considering the importance, and what a great job they do, for me it was a good business decision.
-
@BBigford said in SMB firewall options:
There is a metric ton of vendors out there. Some use on-premesis, some point at a cloud firewall service, and there are tons of vendors in between.
There isn't much of a difference between a (US) ton, and a metric ton... a metric ton is only 205 lbs heavier. 907 kg versus 1000 kg
So the way I understand it, is there's only one extra vendor person out there vs a regular ton of vendors.
But... on to the main point of your question...
@BBigford said in SMB firewall options:
For businesses under ~20 users, what do you use for a firewall, content filtering (basic stuff like porn & gambling), VPN site-to-site?
I've used:
SonicWall
pfSense (mixed with Securly for filtering)
Sophos
Cisco (though that was getting out of the price range)
Fortinet (800C down through the small units)
WatchGuard (larger X series down through their Firebox models)
Anyone using anything cloud based? Haven't really looked into it.For about 20 users, I've seen success with RRAS, SonicWALL, Fortinet, and Sophos.... oh, depends on the SonicWALL, and also had success with Untangle... and OpenDNS worked well in a few places.
I have set up some decent SQUID proxies on CentOS. That's does a freakin awesome job of filtering. I think I have a guide on setting up a basic configuration of SQUID somewhere...
-
@Tim_G said in SMB firewall options:
@BBigford said in SMB firewall options:
There is a metric ton of vendors out there. Some use on-premesis, some point at a cloud firewall service, and there are tons of vendors in between.
There isn't much of a difference between a (US) ton, and a metric ton... a metric ton is only 205 lbs heavier. 907 kg versus 1000 kg
So the way I understand it, is there's only one extra vendor person out there vs a regular ton of vendors.
But... on to the main point of your question...
Maybe he meant to reference the larger shit tonne.
-
@gjacobse said in SMB firewall options:
@zuphzuph said in SMB firewall options:
@BBigford said in SMB firewall options:
@zuphzuph said in SMB firewall options:
Untangle.
You've gotten to mess with that more than I have. Have you checked out the content filtering and such? Does it have a VPN client? I couldn't remember if OpenVPN is available on that or if I'm thinking of pfSense...
Don't feel bad @zuphzuph - I installed Untangled at two NPOs and and if I could have found a small enough PC to run it at home years ago I would have. However - I was 'coerced' into not doing so and that it was a bad idea.
I have a UBNT ERL here at home now, I know one Untangled box I installed has been pulled, as it's now in the scrap pile here at home. Since it was hardware I had bought personally, they gave it back to me (minus the drives).
There are times though I still would like to have one running, just for giggles..
Feel bad about what? Find a bridge.
