RE: [NF] Hardware vs Software Router/Firewall Recommendations

Author: José Enrique Llopis

Posted: 2016-12-22 at 03:09:06

+1

-----Mensaje original-----

De: ProFox [mailto:profox-bounces@leafe.com] En nombre de Dave Crozier

Enviado el: jueves, 22 de diciembre de 2016 9:34

Para: ProFox Email List

Asunto: RE: [NF] Hardware vs Software Router/Firewall Recommendations

Ken,

We use a pair of Sonicwall Network Security Appliances which are due for

renewal and we are upgrading to the latest ones. They are completely

seamless, fit in with active directory no problem and are very configurable.

Recommended but not cheap!

Dave

-----Original Message-----

From: ProFox [mailto:profox-bounces@leafe.com] On Behalf Of Ken Dibble

Sent: 21 December 2016 18:22

To: profox@leafe.com

Subject: [NF] Hardware vs Software Router/Firewall Recommendations

Hi folks,

Looks like our "ancient" (2008) CISCO router has died.

I would appreciate the benefit of your experience regarding hardware vs

software routers/firewalls to help me evaluate replacement options.

Our current network uses 1 GB switches and has about 150 machines, and there

can be at least that many people simultaneously using the network and our 25

mbps synchronous internet connection (including people hooking into our

internet from smart phones and tablets). Most servers, including the domain

controller, are virtualized and we are using a SAN for storage (two

identical Synology Linux NAS devices).

We have a 10 GB switch for virtual server/storage connectivity.

We do not host external (internet) email or websites on our network.

We've had slow growth in the number of machines and users (+/- 5% per

year) over the past decade.

We've always used the NAT functionality of the CISCO to provide a firewall

and we only rarely allow anything to punch through it. The main exception

would be our RDP server, which is in frequent use by between 5 and 10

simultaneous connections.

My understanding is that a software router/firewall running on an ordinary

PC is likely to be slower than a dedicated hardware device.

However, is the difference so significant for a network like mine as to rule

out a cheaper software solution?

Do you have preferences for specific devices or software packages?

What do you all think?

Many thanks.

Ken Dibble

www.stic-cil.org

[excessive quoting removed by server]

_______________________________________________

Post Messages to: ProFox@leafe.com

Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox

OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech

Searchable Archive: http://leafe.com/archives/search/profox

This message: http://leafe.com/archives/byMID/profox/8DF3875959DA4042B49A6581C1F9DA86@LENOVO1

** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.

©2016 José Enrique Llopis