[olug] Security Appliance Suggestions?

Jeff Hinrichs jeffh at delasco.com
Wed Jan 19 17:18:09 UTC 2011


While not an appliance in the off-the-shelf sense, nor a UTM, pfSense
http://www.pfsense.org/ and a box with two or more nics and you are darn
close. (vpn, firewall, and more)
No a/v, no mail scanning, but running that all on one box is a gigantic
choke point, both engineering wise and business.    Most UTM, imho, are buzz
word compliant hacks.

Your desktop a/v (there is no such thing anymore -- they all include f/w and
scanning, web/mail) already provide most of the other services.  Beyond
that, staying patched and knowing your patched across the enterprise is more
important than another layer of email/web scanning.

Situation always dictates and there are lots of variables in the equation
but for us, any UTM that would handle our needs had astronomical upfront and
on-going costs.  So we pieced together our own.

-Jeff



On Wed, Jan 19, 2011 at 9:44 AM, Noel Leistad <noel at metc.net> wrote:

> Currently looking for a security appliance line to support at work...and
> play, employer's customers and my own. Usual need is VPN, site-to-site and
> road-warrior, mostly site-to-site, Firewall and all the rest of the features
> that get thrown in to the term "UTM".
>
> Considering:
>
> Astaro appliance and RED
> d/l'd Untangle, but still and ISO, not a disk....
> Sonicwall
>
> peripherally, I'm aware of:
>
> Fortinet
> Netgear
> Cisco (have switch & router gear, interface w/ some customer convoluted-ly
> configured PIX or follow-on gear)
>
> have used, and ruled out for support reasons (it'd be MOSTLY me):
> IPCop, iptables
> aware of Endian,
>
> Would appreciate any thoughts.
>
> I'm not seriously considering the Cisco option just from the turmoil that
> follows it's software policies. I realize that sounds dumb as this entire
> market-space is probably going to be "subscription" heavy, at least appears
> to be as my eyes cross reading different websites.
>
> Thanks
>
> Noel
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>



More information about the OLUG mailing list