Hi All,

Does anyone actually have a SOHO class hardware firewall/UTM appliance or install them for other businesses? I'm thinking of getting one just for the heck of it for my home network. The firewalls I'm alluding include Cisco PIX 501, Watchguard x10e-w, 3Com x5, Safe@Office 500 UTM etc.

What are the exact capabilities in their SPI firewalls and IDS modules? Does the VPN functionality allow me to set up a server on the actual appliance and create a tunnel to it whenever I'm roaming around? Any other observation?

Regards,
Jeremy

Bump.

Dunno if this is of any help. I've never used a proper hardware firewall like the ones you mentioned however i have used other types of hardware firewalls. I used to use smoothwall which is a linux distro that allows you to turn an old pc into a hardened internet firewall device. Smoothwall is free and works on pretty much any old computer. I used to run mine on an old P2 266mhz system with a 400mb hdd and 32mb ram.

Yea I used to run IPCop which was a fork of Smoothwall. It was quite nice as just a inline hardware firewall. But it didnt have any of the IDS and gateway AV services that the paid ones offer.

I'm thinking of building a low cost (dont have any old hardware lying around) firewall and using Astaro. If its for non commercial use, its completely free which also includes free subscription to to their IDS and AV. Has anyone tried it?

What about Zonealarm Z100G? http://www.zonealarm.com/store/content/catalog/products/z100g/index.jsp?dc=12bms&ctry=US&lang=en

It is cheaper than that SOHO class routers, but I don't know how protection capacity is.

Thats actually quite a funky product. The firewall is interesting. I wonder if it is actually firewall-1 from checkpoint.

From that link :

"Unsurpassed Firewall Protection — The industry's #1 firewall. Check Point's patented stateful packet inspection (SPI) technology dynamically filters packets of information all the way down to the most deeply embedded data that high-level filters miss. It fully protects your network against unsolicited data transfers and external Internet attacks."

Yea I noticed that but I wonder if it is actually the enterprise firewall 1 product or a very stripped version.