subject:"Firewall\/Router recommendations"

Re: Firewall/Router recommendations

2011-10-07 Thread Angus Scott-Fleming

On 5 Oct 2011 at 21:08, Kurt Buff  wrote:

> Well, true, but IMHO it's much more important to find the root cause
> ATM, since the unit has until now performed to expectations.

+1 on that suggestion.  Check out the ClearOS logs.  Perhaps the OP has an 
infected box applying a DDOS to someone off the LAN or spamming through his 
firewall.  Logs should show this.  Blocking port 25 outbound may solve this 
problem.

> Almost anything in the right class will handle what he needs, once he
> figures out what's happening.
> 
> Heck, even a simple pfsense box on decent hardware will do what he wants.

+1 on pfsense.

I just replaced an IPCop box with a newer pfSense box when a power failure 
fried the IPCop's power supply.  Trivial install and pfSense supports dual WAN 
which IPCop doesn't.

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Firewall/Router recommendations

2011-10-06 Thread Mayo, Bill

+1 on the ASA here, too.

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Wednesday, October 05, 2011 6:06 PM
To: NT System Admin Issues
Subject: Re: Firewall/Router recommendations

+1 on the ASA no experience with NetScreen

Jon

On Wed, Oct 5, 2011 at 5:42 PM, Erik Goldoff  wrote:

I would look to Cisco ASA or Juniper/Netscreen

Erik Goldoff
IT  Consultant
Systems, Networks, & Security

'  Security is an ongoing process, not a one time event ! '

-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
Sent: Wednesday, October 05, 2011 5:15 PM
To: NT System Admin Issues
Subject: Firewall/Router recommendations

Good Afternoon, list members.

I would like to know what are some of your recommendations for a
Router/Firewall. Some info of our current situation:

We currently use a Linux-based firewall (ClearOS for those curios). It
has
served us well over the years. Very recently, it has begun to
inexplicably
slow down passed network traffic. Ping times go up to 1000-4000ms, while
load seems to be near zero. Reboot resolve this issue, but the problem
can
come back within a few hours.

I have called the vendor, and I was able to get their tech support (for
$180, no less). The first tier support tech is stumped, and he's going
to
get his level 2 tech involved. Here's the kicker: He will be in touch
with
me "by the end of the week." My boss and I have decided that we no
longer
are interested in something if we can't get support when we need it.

The network requirements for the firewall/router are simple: a 100mbit
ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port
forwarding
required. All other features are _not_ required, but are gravy.

We need something that is fairly easy to administer. Anything with a
decent
web console will likely do. We have about 1000 computers on our network,
but
actual concurrent sessions through the firewall will likely be
5,000-10,000.

I look forward to see what else people are using.

--Matt Ross
Ephrata School District

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Firewall/Router recommendations

2011-10-05 Thread Kurt Buff

Well, true, but IMHO it's much more important to find the root cause
ATM, since the unit has until now performed to expectations.

Almost anything in the right class will handle what he needs, once he
figures out what's happening.

Heck, even a simple pfsense box on decent hardware will do what he wants.

Kurt

On Wed, Oct 5, 2011 at 21:04, Steve Kradel  wrote:
> I'd say the OP needs to both figure out the root cause, *and* buy a
> new firewall as the vendor's support program's been tried and found
> wantin'.
>
> --Steve
>
> On Wed, Oct 5, 2011 at 11:37 PM, Kurt Buff  wrote:
>> Don't look for a new firewall right now.
>>
>> Do figure out why the response is so crappy after having been fine for so 
>> long.
>>
>> I take that as a signal that something has drastically changed in your
>> environment.
>>
>> Can you characterize your current traffic? In particular, look for
>> indications that you're emitting and/or receiving lots of really tiny
>> packets. This might look like not much bandwidth is being consumed,
>> but can drive *any* firewall to its knees.
>>
>> Kurt
>>
>> On Wed, Oct 5, 2011 at 14:14, Matthew W. Ross  
>> wrote:
>>> Good Afternoon, list members.
>>>
>>> I would like to know what are some of your recommendations for a 
>>> Router/Firewall. Some info of our current situation:
>>>
>>> We currently use a Linux-based firewall (ClearOS for those curios). It has 
>>> served us well over the years. Very recently, it has begun to inexplicably 
>>> slow down passed network traffic. Ping times go up to 1000-4000ms, while 
>>> load seems to be near zero. Reboot resolve this issue, but the problem can 
>>> come back within a few hours.
>>>
>>> I have called the vendor, and I was able to get their tech support (for 
>>> $180, no less). The first tier support tech is stumped, and he's going to 
>>> get his level 2 tech involved. Here's the kicker: He will be in touch with 
>>> me "by the end of the week." My boss and I have decided that we no longer 
>>> are interested in something if we can't get support when we need it.
>>>
>>> The network requirements for the firewall/router are simple: a 100mbit 
>>> ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding 
>>> required. All other features are _not_ required, but are gravy.
>>>
>>> We need something that is fairly easy to administer. Anything with a decent 
>>> web console will likely do. We have about 1000 computers on our network, 
>>> but actual concurrent sessions through the firewall will likely be 
>>> 5,000-10,000.
>>>
>>> I look forward to see what else people are using.
>>>
>>>
>>> --Matt Ross
>>> Ephrata School District
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>> ---
>>> To manage subscriptions click here: 
>>> http://lyris.sunbelt-software.com/read/my_forums/
>>> or send an email to listmana...@lyris.sunbeltsoftware.com
>>> with the body: unsubscribe ntsysadmin
>>>
>>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here: 
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Firewall/Router recommendations

2011-10-05 Thread Steve Kradel

I'd say the OP needs to both figure out the root cause, *and* buy a
new firewall as the vendor's support program's been tried and found
wantin'.

--Steve

On Wed, Oct 5, 2011 at 11:37 PM, Kurt Buff  wrote:
> Don't look for a new firewall right now.
>
> Do figure out why the response is so crappy after having been fine for so 
> long.
>
> I take that as a signal that something has drastically changed in your
> environment.
>
> Can you characterize your current traffic? In particular, look for
> indications that you're emitting and/or receiving lots of really tiny
> packets. This might look like not much bandwidth is being consumed,
> but can drive *any* firewall to its knees.
>
> Kurt
>
> On Wed, Oct 5, 2011 at 14:14, Matthew W. Ross  
> wrote:
>> Good Afternoon, list members.
>>
>> I would like to know what are some of your recommendations for a 
>> Router/Firewall. Some info of our current situation:
>>
>> We currently use a Linux-based firewall (ClearOS for those curios). It has 
>> served us well over the years. Very recently, it has begun to inexplicably 
>> slow down passed network traffic. Ping times go up to 1000-4000ms, while 
>> load seems to be near zero. Reboot resolve this issue, but the problem can 
>> come back within a few hours.
>>
>> I have called the vendor, and I was able to get their tech support (for 
>> $180, no less). The first tier support tech is stumped, and he's going to 
>> get his level 2 tech involved. Here's the kicker: He will be in touch with 
>> me "by the end of the week." My boss and I have decided that we no longer 
>> are interested in something if we can't get support when we need it.
>>
>> The network requirements for the firewall/router are simple: a 100mbit 
>> ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding 
>> required. All other features are _not_ required, but are gravy.
>>
>> We need something that is fairly easy to administer. Anything with a decent 
>> web console will likely do. We have about 1000 computers on our network, but 
>> actual concurrent sessions through the firewall will likely be 5,000-10,000.
>>
>> I look forward to see what else people are using.
>>
>>
>> --Matt Ross
>> Ephrata School District
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here: 
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Firewall/Router recommendations

2011-10-05 Thread Kurt Buff

Don't look for a new firewall right now.

Do figure out why the response is so crappy after having been fine for so long.

I take that as a signal that something has drastically changed in your
environment.

Can you characterize your current traffic? In particular, look for
indications that you're emitting and/or receiving lots of really tiny
packets. This might look like not much bandwidth is being consumed,
but can drive *any* firewall to its knees.

Kurt

On Wed, Oct 5, 2011 at 14:14, Matthew W. Ross  wrote:
> Good Afternoon, list members.
>
> I would like to know what are some of your recommendations for a 
> Router/Firewall. Some info of our current situation:
>
> We currently use a Linux-based firewall (ClearOS for those curios). It has 
> served us well over the years. Very recently, it has begun to inexplicably 
> slow down passed network traffic. Ping times go up to 1000-4000ms, while load 
> seems to be near zero. Reboot resolve this issue, but the problem can come 
> back within a few hours.
>
> I have called the vendor, and I was able to get their tech support (for $180, 
> no less). The first tier support tech is stumped, and he's going to get his 
> level 2 tech involved. Here's the kicker: He will be in touch with me "by the 
> end of the week." My boss and I have decided that we no longer are interested 
> in something if we can't get support when we need it.
>
> The network requirements for the firewall/router are simple: a 100mbit 
> ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding 
> required. All other features are _not_ required, but are gravy.
>
> We need something that is fairly easy to administer. Anything with a decent 
> web console will likely do. We have about 1000 computers on our network, but 
> actual concurrent sessions through the firewall will likely be 5,000-10,000.
>
> I look forward to see what else people are using.
>
>
> --Matt Ross
> Ephrata School District
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Firewall/Router recommendations

2011-10-05 Thread Tom Miller

+4 for Fortinet. I have two here at corporate, and another 20 or so SOHO 
devices at cable modem sites. All are managed by the FortiManager. I also have 
a FortiLog - centralized logging.

Super easy to configure. Command line available for advanced options. Rarely 
needed though.

I like that the devices have Intrusion Prevension, content filtering, a/v 
scanning, and firewall all-in-one. Makes for good use of money for us 
non-profits.

>>> "Erik Goldoff" 10/05/11 8:01 PM >>> 
Heard good about them too, just no personal experience. 
Fortinet was formed by former Netscreen folks IIRC. 


Erik Goldoff 
IT Consultant 
Systems, Networks, & Security 

' Security is an ongoing process, not a one time event ! ' 



-Original Message- 
From: Stringham, Steven [mailto:sstri...@lrlaw.com] 
Sent: Wednesday, October 05, 2011 6:38 PM 
To: NT System Admin Issues 
Subject: RE: Firewall/Router recommendations 

Look at Fortinet's Fortigate products. Very nice with filtering, etc. 
available. 


-Original Message- 
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Wednesday, October 05, 2011 2:15 PM 
To: NT System Admin Issues 
Subject: Firewall/Router recommendations 

Good Afternoon, list members. 

I would like to know what are some of your recommendations for a 
Router/Firewall. Some info of our current situation: 

We currently use a Linux-based firewall (ClearOS for those curios). It has 
served us well over the years. Very recently, it has begun to inexplicably 
slow down passed network traffic. Ping times go up to 1000-4000ms, while 
load seems to be near zero. Reboot resolve this issue, but the problem can 
come back within a few hours. 

I have called the vendor, and I was able to get their tech support (for 
$180, no less). The first tier support tech is stumped, and he's going to 
get his level 2 tech involved. Here's the kicker: He will be in touch with 
me "by the end of the week." My boss and I have decided that we no longer 
are interested in something if we can't get support when we need it. 

The network requirements for the firewall/router are simple: a 100mbit 
ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding 
required. All other features are _not_ required, but are gravy. 

We need something that is fairly easy to administer. Anything with a decent 
web console will likely do. We have about 1000 computers on our network, but 
actual concurrent sessions through the firewall will likely be 5,000-10,000. 

I look forward to see what else people are using. 


--Matt Ross 
Ephrata School District 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
~ 

--- 
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 



-- 
For more information about Lewis and Roca LLP, please go to 
www.lewisandroca.com. 

Phoenix (602)262-5311 Minden (775)586-9500 
Tucson (520)622-2090 Albuquerque (505)764-5400 
Las Vegas (702)949-8200 Silicon Valley (650)391-1380 
Reno (775)823-2900 

This message is intended only for the use of the individual or entity to 
which it is addressed. If the reader of this message is not the intended 
recipient, or the employee or agent responsible for delivering the message 
to the intended recipient, you are hereby notified that any dissemination, 
distribution or copying of this message is strictly prohibited. If you have 
received this communication in error, please notify us immediately by 
replying to the sender of this E-Mail by return E-Mail or by telephone. 
In accordance with Internal Revenue Service Circular 230, we advise you 
that if this email contains any tax advice, such tax advice was not intended 
or written to be used, and it cannot be used, by any taxpayer for the 
purpose of avoiding penalties that may be imposed on the taxpayer 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
~ ~ 

--- 
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
~ ~ 

--- 
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin
Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security t

RE: Firewall/Router recommendations

2011-10-05 Thread Erik Goldoff

Heard good about them too, just no personal experience.
Fortinet was formed by former Netscreen folks IIRC.


Erik Goldoff
IT  Consultant
Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '



-Original Message-
From: Stringham, Steven [mailto:sstri...@lrlaw.com] 
Sent: Wednesday, October 05, 2011 6:38 PM
To: NT System Admin Issues
Subject: RE: Firewall/Router recommendations

Look at Fortinet's Fortigate products. Very nice with filtering, etc.
available.


-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
Sent: Wednesday, October 05, 2011 2:15 PM
To: NT System Admin Issues
Subject: Firewall/Router recommendations

Good Afternoon, list members.

I would like to know what are some of your recommendations for a
Router/Firewall. Some info of our current situation:

We currently use a Linux-based firewall (ClearOS for those curios). It has
served us well over the years. Very recently, it has begun to inexplicably
slow down passed network traffic. Ping times go up to 1000-4000ms, while
load seems to be near zero. Reboot resolve this issue, but the problem can
come back within a few hours.

I have called the vendor, and I was able to get their tech support (for
$180, no less). The first tier support tech is stumped, and he's going to
get his level 2 tech involved. Here's the kicker: He will be in touch with
me "by the end of the week." My boss and I have decided that we no longer
are interested in something if we can't get support when we need it.

The network requirements for the firewall/router are simple: a 100mbit
ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding
required. All other features are _not_ required, but are gravy.

We need something that is fairly easy to administer. Anything with a decent
web console will likely do. We have about 1000 computers on our network, but
actual concurrent sessions through the firewall will likely be 5,000-10,000.

I look forward to see what else people are using.


--Matt Ross
Ephrata School District

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



--
For more information about Lewis and Roca LLP, please go to
www.lewisandroca.com.

Phoenix (602)262-5311   Minden (775)586-9500
Tucson (520)622-2090Albuquerque (505)764-5400
Las Vegas (702)949-8200 Silicon Valley (650)391-1380
Reno (775)823-2900

  This message is intended only for the use of the individual or entity to
which it is addressed. If the reader of this message is not the intended
recipient, or the employee or agent responsible for delivering the message
to the intended recipient, you are hereby notified that any dissemination,
distribution or copying of this message is strictly prohibited. If you have
received this communication in error, please notify us immediately by
replying to the sender of this E-Mail by return E-Mail or by telephone.
  In accordance with Internal Revenue Service Circular 230, we advise you
that if this email contains any tax advice, such tax advice was not intended
or written to be used, and it cannot be used, by any taxpayer for the
purpose of avoiding penalties that may be imposed on the taxpayer

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Firewall/Router recommendations

2011-10-05 Thread Andrew S. Baker

Highly recommend the Fortigate firewalls as well.

Used to love Netscreen, although not as happy with them post Juniper.

Lots of features at a really good price point.

* *

*ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of
Technology for the SMB market…

*



On Wed, Oct 5, 2011 at 6:37 PM, Stringham, Steven wrote:

> Look at Fortinet's Fortigate products. Very nice with filtering, etc.
> available.
>
>
> -Original Message-
> From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
> Sent: Wednesday, October 05, 2011 2:15 PM
> To: NT System Admin Issues
> Subject: Firewall/Router recommendations
>
> Good Afternoon, list members.
>
> I would like to know what are some of your recommendations for a
> Router/Firewall. Some info of our current situation:
>
> We currently use a Linux-based firewall (ClearOS for those curios). It has
> served us well over the years. Very recently, it has begun to inexplicably
> slow down passed network traffic. Ping times go up to 1000-4000ms, while
> load seems to be near zero. Reboot resolve this issue, but the problem can
> come back within a few hours.
>
> I have called the vendor, and I was able to get their tech support (for
> $180, no less). The first tier support tech is stumped, and he's going to
> get his level 2 tech involved. Here's the kicker: He will be in touch with
> me "by the end of the week." My boss and I have decided that we no longer
> are interested in something if we can't get support when we need it.
>
> The network requirements for the firewall/router are simple: a 100mbit
> ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding
> required. All other features are _not_ required, but are gravy.
>
> We need something that is fairly easy to administer. Anything with a decent
> web console will likely do. We have about 1000 computers on our network, but
> actual concurrent sessions through the firewall will likely be 5,000-10,000.
>
> I look forward to see what else people are using.
>
>
> --Matt Ross
> Ephrata School District
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Firewall/Router recommendations

2011-10-05 Thread Stringham, Steven

Look at Fortinet's Fortigate products. Very nice with filtering, etc. available.

-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
Sent: Wednesday, October 05, 2011 2:15 PM
To: NT System Admin Issues
Subject: Firewall/Router recommendations

Good Afternoon, list members.

I would like to know what are some of your recommendations for a 
Router/Firewall. Some info of our current situation:

We currently use a Linux-based firewall (ClearOS for those curios). It has 
served us well over the years. Very recently, it has begun to inexplicably slow 
down passed network traffic. Ping times go up to 1000-4000ms, while load seems 
to be near zero. Reboot resolve this issue, but the problem can come back 
within a few hours.

I have called the vendor, and I was able to get their tech support (for $180, 
no less). The first tier support tech is stumped, and he's going to get his 
level 2 tech involved. Here's the kicker: He will be in touch with me "by the 
end of the week." My boss and I have decided that we no longer are interested 
in something if we can't get support when we need it.

The network requirements for the firewall/router are simple: a 100mbit ethernet 
WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding required. All 
other features are _not_ required, but are gravy.

We need something that is fairly easy to administer. Anything with a decent web 
console will likely do. We have about 1000 computers on our network, but actual 
concurrent sessions through the firewall will likely be 5,000-10,000.

I look forward to see what else people are using.

--Matt Ross
Ephrata School District

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

--
For more information about Lewis and Roca LLP, please go to 
www.lewisandroca.com.

Phoenix (602)262-5311   Minden (775)586-9500
Tucson (520)622-2090Albuquerque (505)764-5400
Las Vegas (702)949-8200 Silicon Valley (650)391-1380
Reno (775)823-2900

  This message is intended only for the use of the individual or entity to 
which it is addressed. If the reader of this message is not the intended 
recipient, or the employee or agent responsible for delivering the message to 
the intended recipient, you are hereby notified that any dissemination, 
distribution or copying of this message is strictly prohibited. If you have 
received this communication in error, please notify us immediately by replying 
to the sender of this E-Mail by return E-Mail or by telephone.
  In accordance with Internal Revenue Service Circular 230, we advise you that 
if this email contains any tax advice, such tax advice was not intended or 
written to be used, and it cannot be used, by any taxpayer for the purpose of 
avoiding penalties that may be imposed on the taxpayer

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Firewall/Router recommendations

2011-10-05 Thread Kim Longenbaugh

Depending on your budget, Check Point has some good offerings.  You can get 
appliances, software you can install on your own hardware, and I think even a 
VMware template.
The software mode has the added benefit that you can install it on newer, more 
powerful hardware as it becomes available.

-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Wednesday, October 05, 2011 4:15 PM
To: NT System Admin Issues
Subject: Firewall/Router recommendations

Good Afternoon, list members.

I would like to know what are some of your recommendations for a 
Router/Firewall. Some info of our current situation:

We currently use a Linux-based firewall (ClearOS for those curios). It has 
served us well over the years. Very recently, it has begun to inexplicably slow 
down passed network traffic. Ping times go up to 1000-4000ms, while load seems 
to be near zero. Reboot resolve this issue, but the problem can come back 
within a few hours.

I have called the vendor, and I was able to get their tech support (for $180, 
no less). The first tier support tech is stumped, and he's going to get his 
level 2 tech involved. Here's the kicker: He will be in touch with me "by the 
end of the week." My boss and I have decided that we no longer are interested 
in something if we can't get support when we need it.

The network requirements for the firewall/router are simple: a 100mbit ethernet 
WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding required. All 
other features are _not_ required, but are gravy.

We need something that is fairly easy to administer. Anything with a decent web 
console will likely do. We have about 1000 computers on our network, but actual 
concurrent sessions through the firewall will likely be 5,000-10,000.

I look forward to see what else people are using.

--Matt Ross
Ephrata School District

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Firewall/Router recommendations

2011-10-05 Thread Jon Harris

+1 on the ASA no experience with NetScreen

Jon

On Wed, Oct 5, 2011 at 5:42 PM, Erik Goldoff  wrote:

> I would look to Cisco ASA or Juniper/Netscreen
>
>
> Erik Goldoff
> IT  Consultant
> Systems, Networks, & Security
>
> '  Security is an ongoing process, not a one time event ! '
>
>
> -Original Message-
> From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
> Sent: Wednesday, October 05, 2011 5:15 PM
> To: NT System Admin Issues
> Subject: Firewall/Router recommendations
>
> Good Afternoon, list members.
>
> I would like to know what are some of your recommendations for a
> Router/Firewall. Some info of our current situation:
>
> We currently use a Linux-based firewall (ClearOS for those curios). It has
> served us well over the years. Very recently, it has begun to inexplicably
> slow down passed network traffic. Ping times go up to 1000-4000ms, while
> load seems to be near zero. Reboot resolve this issue, but the problem can
> come back within a few hours.
>
> I have called the vendor, and I was able to get their tech support (for
> $180, no less). The first tier support tech is stumped, and he's going to
> get his level 2 tech involved. Here's the kicker: He will be in touch with
> me "by the end of the week." My boss and I have decided that we no longer
> are interested in something if we can't get support when we need it.
>
> The network requirements for the firewall/router are simple: a 100mbit
> ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding
> required. All other features are _not_ required, but are gravy.
>
> We need something that is fairly easy to administer. Anything with a decent
> web console will likely do. We have about 1000 computers on our network,
> but
> actual concurrent sessions through the firewall will likely be
> 5,000-10,000.
>
> I look forward to see what else people are using.
>
>
> --Matt Ross
> Ephrata School District
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Firewall/Router recommendations

2011-10-05 Thread Erik Goldoff

I would look to Cisco ASA or Juniper/Netscreen


Erik Goldoff
IT  Consultant
Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '


-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Wednesday, October 05, 2011 5:15 PM
To: NT System Admin Issues
Subject: Firewall/Router recommendations

Good Afternoon, list members.

I would like to know what are some of your recommendations for a
Router/Firewall. Some info of our current situation:

We currently use a Linux-based firewall (ClearOS for those curios). It has
served us well over the years. Very recently, it has begun to inexplicably
slow down passed network traffic. Ping times go up to 1000-4000ms, while
load seems to be near zero. Reboot resolve this issue, but the problem can
come back within a few hours.

I have called the vendor, and I was able to get their tech support (for
$180, no less). The first tier support tech is stumped, and he's going to
get his level 2 tech involved. Here's the kicker: He will be in touch with
me "by the end of the week." My boss and I have decided that we no longer
are interested in something if we can't get support when we need it.

The network requirements for the firewall/router are simple: a 100mbit
ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding
required. All other features are _not_ required, but are gravy.

We need something that is fairly easy to administer. Anything with a decent
web console will likely do. We have about 1000 computers on our network, but
actual concurrent sessions through the firewall will likely be 5,000-10,000.

I look forward to see what else people are using.


--Matt Ross
Ephrata School District

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Firewall/Router recommendations

2011-10-05 Thread Matthew W. Ross

Good Afternoon, list members.

I would like to know what are some of your recommendations for a 
Router/Firewall. Some info of our current situation:

We currently use a Linux-based firewall (ClearOS for those curios). It has 
served us well over the years. Very recently, it has begun to inexplicably slow 
down passed network traffic. Ping times go up to 1000-4000ms, while load seems 
to be near zero. Reboot resolve this issue, but the problem can come back 
within a few hours.

I have called the vendor, and I was able to get their tech support (for $180, 
no less). The first tier support tech is stumped, and he's going to get his 
level 2 tech involved. Here's the kicker: He will be in touch with me "by the 
end of the week." My boss and I have decided that we no longer are interested 
in something if we can't get support when we need it.

The network requirements for the firewall/router are simple: a 100mbit ethernet 
WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding required. All 
other features are _not_ required, but are gravy.

We need something that is fairly easy to administer. Anything with a decent web 
console will likely do. We have about 1000 computers on our network, but actual 
concurrent sessions through the firewall will likely be 5,000-10,000.

I look forward to see what else people are using.


--Matt Ross
Ephrata School District

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Firewall/Router recommendations

RE: Firewall/Router recommendations

Re: Firewall/Router recommendations

Re: Firewall/Router recommendations

Re: Firewall/Router recommendations

RE: Firewall/Router recommendations

RE: Firewall/Router recommendations

Re: Firewall/Router recommendations

RE: Firewall/Router recommendations

RE: Firewall/Router recommendations

Re: Firewall/Router recommendations

RE: Firewall/Router recommendations

Firewall/Router recommendations

13 matches

Site Navigation

Mail list logo

Footer information