Appliance rack mount firewall

Discussion in 'other firewalls' started by Havok, Apr 8, 2015.

  1. Havok

    Havok Registered Member

    Joined:
    Apr 8, 2015
    Posts:
    5
    Hello all!

    Question, I'm upgrading my home office network and was wondering, being I get so many probes and attempted hacks on my web server, SMTP & telnet server, what would be a good used appliance choice?

    I have been looking at:

    NetSpective AX61221TM Web Filter 2U Rackmount with pfSense
    Juniper-NS-ISG-1000
    Watchguard Firebox X750e CORE
    SonicWALL PRO 5060 5060c 1RK0B-02D VPN

    Of course I see, like with Watchguard and others, the license costs are very costly and I'd like to stay away from the costs as much as possible.

    Also, could someone tell me more about pfSense? I see some use the filters on Watchguard and Netspective.

    Thank you for your time and advice.
     
  2. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I'd need to know more variables.. Such as your connection speed, skill level, etc. Budgetary constraints, and network structure would help narrow it down. I'd actually never touch anything on your list, (I consider most of them - lousy) and would look to NSS certifications and other things. Why would you be looking for a $15,000 appliance for a SOHO that has 2GBe throughput?

    My advice;

    Upper End: Fortigate 80D
    Middle End: ZyXEL USG110
    Low End: Sophos UTM 9

    On the Sophos UTM 9 you can buy a Microcenter $150 Refurb PC Dual Core w/4GB of ram, toss in a couple NIC's, install Sophos UTM 9 in 15 minutes, and be up and running with what amounts to a $10,000 UTM/NGFW. It's a Layer8 FW, with 24,000 IPS rules, full dual engine AV scanner, ATP, WAF, Country Blocking, and with no FEES for Home Use - and you can deploy 10 Endpoint ESC's on it.

    ZyXEL is great for the price range, offering a full UTM complement, Kaspersky Gateway, Bluecoat WF, and a great interface. Fortigate 80D is harder to configure, but powerful. You can do 10 Endpoints for no charge on it, yearly renewal is more costly, but you get a full complement of UTM features running on ASIC processors dedicated to the task. It's a manly machine for Small/Medium offices.

    Bargain Basement - wait for Untangle 11.2 w/real IPS, drop that on a crappy old PC lying around, and run with it. It's layer-7, and reasonable, easy to use, easy to manage. Even at $50 a month for the full kit, it's not costly. Or run free mode on it.
     
  3. Havok

    Havok Registered Member

    Joined:
    Apr 8, 2015
    Posts:
    5
    Hello

    As for my office I have:

    1: Dell Power Edge R2950 with Windows 2012 I use for my web server and DNS/POP/SMTP server right now runs 12 web sites.
    2: Dell Power Edge R710 I use for virtualization
    3: Dell Power Connect 24 port switch
    4: Belkin 8 port KVM
    5: APC Smart-UPS 1500VA 2U
    6: Fiber Modem 1 gig down / 200 megs up
    7: All on a iStarUSA 15U 4 Post Open Frame Rack

    Of course I would like to spend as little as possible but still would like to have more security than the fiber modem firewall and Windows built in firewalls.
    Also in the past I have run Smooth Wall and IP Cop.

    Thanks for your time.
     
  4. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    1Gbe down certainly changes the dynamics, as you will not get that speed unless you go to medium-size devices. Fortigate 80D will only do 255/500Mbps with all security enabled.

    Your best bet is to roll 1Gbe NIC's with Sophos 9 UTM, or Untangle IMO.. Save you a ton of coin, and provide the throughput you need. I run 180Mbps down, and it GREATLY restricts what I am willing to pay a year for bundle renewals on UTMs. Once you get higher in throughput you can start paying $100, $200+ a month in UTM bundles.
     
  5. Havok

    Havok Registered Member

    Joined:
    Apr 8, 2015
    Posts:
    5
    Hey, want to thank you for the advice!
    I'm going to look over Sophos 9 UTM, or Untangle IMO. Right now I'm looking over one of my old boxes to throw it on, or maybe a Dell Poweredge R 860 on eBay for 25.00 bucks.

    Thanks again!
     
  6. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Also I wouldn't be fixated on a rack mount. You could always toss a slider or shelf on it and toss a refurb PC on the shelf to do the same thing. Half of the server rooms I see these days have this.

    Untangle is easy, and fast. Sophos is difficult - unless you have a good foundation in UTM/NGFW/L7+ configuration, but is 'vastly' more powerful than Untangle, and Sophos is free. Since your office is in the home, they'd never recognize you as not being a home user of it. I push up to 50 clients through my home one, and never had an issue.
     
  7. Havok

    Havok Registered Member

    Joined:
    Apr 8, 2015
    Posts:
    5
    Hello and morning!

    Well, let me ask you, being you know more about these two packages than I do.

    1: Does one or both firewall packages need two NIC cards or three? Like Smooth Wall or IP Cop, you set up with three zones?
    2: I guess I will muddle through Sophos, being the add-ons come free, unlike Untangle, from what I have been reading.
    3: Right now I'm looking at a Dell Optiplex 780 SFF CORE 2 DUO 3.0GHz 4GB Ram or Lenovo ThinkCentre M58e 7303-CTO SFF Quad Core 2.66GHz 4GB

    Thanks again for your advice!
     
  8. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    All of them work with 2 NIC's (it's NIC, not NIC Card - which would sound like: Network Interface Card Card. Hehe). You CAN add a third, and create 'zones' for additional security, segregating wifi for example on its own NIC, with stronger, more intense inspection, and subnet limitations. It's not required. Sophos is GREAT, but you need to understand the NGFW logic structure, or be able to learn it. Untangle doesn't use NGFW logic structures, it uses its own system a cat could understand. Once you understand Sophos it's remarkably powerful, and free! (Home/SOHO)

    Those systems would own Sophos, even with every setting maxed. I run with 23,405 IPS rules, full web filtration, dual AV's on a Dual Core 2.66 w/2GB Ram. Never spikes CPU, ram stays around 50%.
     
  9. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,075
  10. Havok

    Havok Registered Member

    Joined:
    Apr 8, 2015
    Posts:
    5
    Ok, I'm off to read more on Sophos. I'll look forward to learning it and implementing to the wild. Are there any good forum sites that talk about or support Sophos on this type of use?

    Thanks again for the time and information!
     
  11. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
  12. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,075
    Is not free, you can NOT use Sophos UTM home edition for business use. As far as I know home office is business use even if you work from home.
    The hw isn't free either.

    @Havok
    I would look at pfsense if you are interested in saving money.
     
  13. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    I use pfsense and love it. Very stable for me
     
  14. Russ64

    Russ64 Registered Member

    Joined:
    Mar 17, 2015
    Posts:
    13
    Location:
    London, UK
    I have read that post on Sophos forum and it was just speculation that the free Home version may be discontinued, however the road-map seems to show that there will be a fork with users able to stay on the 9.x versions or change to a new technology product (which may not have a free home version)......

    As a true home user, I cannot pay for a commercial product and I do not use all the features anyway.
     
  15. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Back on topic.. I think Sophos would fit the bill perfectly.. If not, Untangle Free, or license it for $50 a month if you want the extra loot. Untangle is easy, but less secure. Sophos is harder, but incredibly advanced.

    With your significant bandwidth on WAN, you'd need a very expensive UTM to do the job of what Sophos or Untangle would do for free, or very cheap.
     
  16. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,956
    Location:
    U.S.A.
    Removed Reported Off Topic Posts. Let's Focus Only On the Topic, and Not Each Other. Thank You!
     