UTM firewalls

Discussion in 'other firewalls' started by lunarlander, May 8, 2015.

  1. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    121
    Hi,

    I am looking into buying a UTM firewall. Currently looking at DELL Sonicwall SOHO and Check Point 620. They are both around $600.

    I have also looked at Sophos Free UTM, but the price for their yearly IPS subscription is $3XX. Ouch.

    The main thing I'm looking for is Intrusion Prevention, since that role cannot be covered by any HIPS on the host.

    Any other product suggestions welcome.
     
  2. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA
    I use pfsense with snort. Both open source.
     
  3. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,723
    Location:
    localhost
    You can find a dedicated UTM thread here:
    UTM Thread.
     
  4. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    121
    Hi Brocke,

    I just downloaded pfsense to take a look. Has it spotted any attacks for you ?



    Hi fax,

    Thanks for the link.
     
  5. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA
    Yup I'm running snort and squid3 with squidguard and it found a lot for me
     
  6. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    121
    I am a bit leery of running another Linux firewall. Last time I had Untangle and somebody broke the firewall. The web UI literally didn't work anymore. But I see pfsense is based on FreeBSD, so I may give it a try as I read somewhere a long while ago that the FreeBSD people are pretty security conscious.

    What kind of hardware are you running it on? How many PCs is your pfsense guarding ?
     
  7. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA
    I'm running it on s mini over with a msata drive and atom processor with 4gb of ram.

    My home network has 11 devices from laptops to smartphones to DVD players.

    I also use it in a business network I manage. Security is very tight with it if configured right. Take a small amount of tweaking but not bad. The gui will help alert if errors
     
  8. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    121
    Can you give me the model version of that atom cpu? I want to go get the cpu benchmark passmark score of it to see how it compares to the Pentium 4 3Ghz I have idling in my house. The pfsense site says it recommends using a cpu less than 4 years old but I am not certain when that was written, but if it was written in 2009, then my Pentium 4 3Ghz would be within that 4 years old recommendation.
     
  9. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA

    Here's some info
    AMD G-T40E Processor

    You should be fine with that cpu. Just make sure you have a fair amount of ram. I have 4gb
     
Loading...