Pfsense instead SonicWall ?
-
@iroal said:
I see Ubitiqui as a great option but more complicate to install and with less support, and unfortunately i dont have enough time to install it.
You just plug it in. It is a super simple router appliance. Nothing complicated at all. pfSense should not even be talked about here.
Ubiquiti you just update, and a wizard walks you through a setup. Very easy.
-
@iroal said:
Sorry for my english level.
Yes i need 6 ports 1Gb.
I like Pfsense because is easy to learn and manage.
I see Ubitiqui as a great option but more complicate to install and with less support, and unfortunately i dont have enough time to install it.
You need 6 switch port or 6 routed ports? If you need 6 switch ports, buy an ERL and a $25 8-port Gigabit dumb switch
-
@JaredBusch said:
@iroal said:
Sorry for my english level.
Yes i need 6 ports 1Gb.
I like Pfsense because is easy to learn and manage.
I see Ubitiqui as a great option but more complicate to install and with less support, and unfortunately i dont have enough time to install it.
You need 6 switch port or 6 routed ports? If you need 6 switch ports, buy an ERL and a $25 8-port Gigabit dumb switch
Or if you really need more control, a Netgear or Ubiquiti smart switch with 12-24 ports would still be half the price and more power than the pfSense.
-
Really Ubiquiti is doing impressive hardware. Also I like very much Mikrotik, cheap, and very powerful.
Here (Spain), in my company, we used to work with Sonicwall, but we found some issues and sometimes poor customer support and change brand. Client to site and SSL VPN was not free (only included one or two licenses, it depends on model)
I think one of important questions is Sonicwall is an UTM, acts like firewall, router and also security appliance. Acts also like a powerful load balancer. This lasts parts are also very important for me.
Now we work with Cyberoam, very powerful hardware, cheaper than Sonicwall (half the prize), includes reporting (CR25 up, hard disk inside), free SSLVPN, stable, and fantastic support. We are happy with them. Now is part of Sophos company, I hope the brand will continue this good work in future, and no surprises with the new owner, Sophos.
-
@mmruiz said:
Really Ubiquiti is doing impressive hardware. Also I like very much Mikrotik, cheap, and very powerful.
Here (Spain), in my company, we used to work with Sonicwall, but we found some issues and sometimes poor customer support and change brand. Client to site and SSL VPN was not free (only included one or two licenses, it depends on model)
I think one of important questions is Sonicwall is an UTM, acts like firewall, router and also security appliance. Acts also like a powerful load balancer. This lasts parts are also very important for me.
Now we work with Cyberoam, very powerful hardware, cheaper than Sonicwall (half the prize), includes reporting (CR25 up, hard disk inside), free SSLVPN, stable, and fantastic support. We are happy with them. Now is part of Sophos company, I hope the brand will continue this good work in future, and no surprises with the new owner, Sophos.
Thanks for you help.
PD: Parece que no soy el único español por aquí
-
Hay unos pocos. Más de España y más hispanohablantes. México, Panamá, España y más representadas.
-
@dafyre said:
@scottalanmiller said:
@iroal said:
Company, at end, let me buy the Pfsense.
I'm thinking in this model.
https://store.pfsense.org/HIGH-AVAILABILITY-SG-4860-1U-pfSense-Systems-P47.aspx
Any other best option ?
Answer is going to keep being the same, Ubiquiti is better than pfSense.
Can the Ubiquiti handle failover from one to another?
@iroal If the Ubiquiti has all the features you need, then the price will be significantly cheaper than the pfSense setup.
Yes - Even the ERL I have with 3 ports can. you can set two ISP and one LAN, One ISP, LAN and WiFi or one ISP and two LAN..
We actually have a client with two ISP and one LAN configured currently.
-
@gjacobse said:
@dafyre said:
@scottalanmiller said:
@iroal said:
Company, at end, let me buy the Pfsense.
I'm thinking in this model.
https://store.pfsense.org/HIGH-AVAILABILITY-SG-4860-1U-pfSense-Systems-P47.aspx
Any other best option ?
Answer is going to keep being the same, Ubiquiti is better than pfSense.
Can the Ubiquiti handle failover from one to another?
@iroal If the Ubiquiti has all the features you need, then the price will be significantly cheaper than the pfSense setup.
Yes - Even the ERL I have with 3 ports can. you can set two ISP and one LAN, One ISP, LAN and WiFi or one ISP and two LAN..
We actually have a client with two ISP and one LAN configured currently.
That aspect is for WAN failover. He's looking for router failover - where you have two routers instead of just one. It does that too but I don't believe we have any clients doing it. It is a more complicated setup and carries complications from the fact that you can't have the ISP link going to both routers at once by default.
-
@scottalanmiller said:
@gjacobse said:
@dafyre said:
@scottalanmiller said:
@iroal said:
Company, at end, let me buy the Pfsense.
I'm thinking in this model.
https://store.pfsense.org/HIGH-AVAILABILITY-SG-4860-1U-pfSense-Systems-P47.aspx
Any other best option ?
Answer is going to keep being the same, Ubiquiti is better than pfSense.
Can the Ubiquiti handle failover from one to another?
@iroal If the Ubiquiti has all the features you need, then the price will be significantly cheaper than the pfSense setup.
Yes - Even the ERL I have with 3 ports can. you can set two ISP and one LAN, One ISP, LAN and WiFi or one ISP and two LAN..
We actually have a client with two ISP and one LAN configured currently.
That aspect is for WAN failover. He's looking for router failover - where you have two routers instead of just one. It does that too but I don't believe we have any clients doing it. It is a more complicated setup and carries complications from the fact that you can't have the ISP link going to both routers at once by default.
Can't you do 4 routers, two for each ISP?
-
@wirestyle22 said:
Can't you do 4 routers, two for each ISP?
Why would you need four? Why not do two, each ISP into each? What's the benefit of four?
-
@wirestyle22 said:
@scottalanmiller said:
@gjacobse said:
@dafyre said:
@scottalanmiller said:
@iroal said:
Company, at end, let me buy the Pfsense.
I'm thinking in this model.
https://store.pfsense.org/HIGH-AVAILABILITY-SG-4860-1U-pfSense-Systems-P47.aspx
Any other best option ?
Answer is going to keep being the same, Ubiquiti is better than pfSense.
Can the Ubiquiti handle failover from one to another?
@iroal If the Ubiquiti has all the features you need, then the price will be significantly cheaper than the pfSense setup.
Yes - Even the ERL I have with 3 ports can. you can set two ISP and one LAN, One ISP, LAN and WiFi or one ISP and two LAN..
We actually have a client with two ISP and one LAN configured currently.
That aspect is for WAN failover. He's looking for router failover - where you have two routers instead of just one. It does that too but I don't believe we have any clients doing it. It is a more complicated setup and carries complications from the fact that you can't have the ISP link going to both routers at once by default.
Can't you do 4 routers, two for each ISP?
Look at VRRP. It is a protocol that allows for hardware failure. You would just need two routers not four.
-
@scottalanmiller said:
@wirestyle22 said:
Can't you do 4 routers, two for each ISP?
Why would you need four? Why not do two, each ISP into each? What's the benefit of four?
Never mind. I saw the 'by default' portion of your post now and realized there is no point
-
@coliver said:
@wirestyle22 said:
@scottalanmiller said:
@gjacobse said:
@dafyre said:
@scottalanmiller said:
@iroal said:
Company, at end, let me buy the Pfsense.
I'm thinking in this model.
https://store.pfsense.org/HIGH-AVAILABILITY-SG-4860-1U-pfSense-Systems-P47.aspx
Any other best option ?
Answer is going to keep being the same, Ubiquiti is better than pfSense.
Can the Ubiquiti handle failover from one to another?
@iroal If the Ubiquiti has all the features you need, then the price will be significantly cheaper than the pfSense setup.
Yes - Even the ERL I have with 3 ports can. you can set two ISP and one LAN, One ISP, LAN and WiFi or one ISP and two LAN..
We actually have a client with two ISP and one LAN configured currently.
That aspect is for WAN failover. He's looking for router failover - where you have two routers instead of just one. It does that too but I don't believe we have any clients doing it. It is a more complicated setup and carries complications from the fact that you can't have the ISP link going to both routers at once by default.
Can't you do 4 routers, two for each ISP?
Look at VRRP. It is a protocol that allows for hardware failure. You would just need two routers not four.
Yeah I was thinking simplistically. My bad
-
Let's say you set up an EdgeRouter, what would you guys recommend for the additional services that a UTM platform would normally provide?
-
@wrx7m said:
Let's say you set up an EdgeRouter, what would you guys recommend for the additional services that a UTM platform would normally provide?
Like what?
Proxy/web filtering could easily be done via Squid.
-
The ER series has a client VPN built in. I think it will do OpenVPN as well.
-
Gateway AV, DPI, IDS, IPS
-
@wrx7m said:
Let's say you set up an EdgeRouter, what would you guys recommend for the additional services that a UTM platform would normally provide?
Standard recommendation is that those things don't belong on a firewall and should be either handled by another device or should not exist at all (much of the time they are negatives and sold via hype... most have their place but are not very commonly recommended.)
-
@wrx7m said:
Gateway AV, DPI, IDS, IPS
I've never seen Gateway AV work... but I Squid can also do this with some addons.
-
@scottalanmiller Interesting. So you would just go with endpoint protection after the router/firewall?
