Hi all, I want to ask for your opinion regarding to my planned equipment upgrade.
As a background, our network is connected to 5 bgp peer to Internet and IX, mostly on 2 Mbps link, with one link connected to 45 Mbps Research Education link. Currently we have deployed one single PC router for our border router. It is running FreeBSD and Quagga routing daemon, which also functioned as stateful firewall using PF. We have quite good machine, Opteron machine, 1GB RAM and dual Broadcom gigabit ethernet. I want to look for Juniper solutions in order to do IP routing, together with stateful firewall devices. It needs to have good management solution (I know J-Web is good) and logical router capabilities (allows me to add router without adding more machines). For the IP routing, I think the clear choice would be M7i, when the budget doesn't permit that, maybe I will go to J6350. The problem comes when I want to pick firewall solutions. I have two choices : - Use dedicated firewall, such as SSG550M, coupled with J6350 for complete solutions. - Use stateful firewall capabilities from ASM on M7i for integrated routing-firewall solution I see first choices has advantages in full-featured firewall solutions, the web interface is good, but I don't like to manage dedicated devices for firewall function. As for second choices, I know that M7i can be installed with J-Web, but I don't know how J-Web can manage stateful firewall with AS PIC/ASM. I need your advices/suggestion/experience regarding to my proposed solutions on IP routing and firewall devices. Your help are appreciated. Regards, -affan _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp