+1 for mikrotik, been solid cpe for ages.
I know a lot of msps using fortigates also.
On May 8, 2016 11:43 AM, "Eygene Ryabinkin" wrote:
> Fri, May 06, 2016 at 09:51:15PM +0200, Mark Tinka wrote:
> > On 6/May/16 21:40, Josh Reynolds wrote:
> > > I've been very happy with the 2.3 release. Modular
Fri, May 06, 2016 at 09:51:15PM +0200, Mark Tinka wrote:
> On 6/May/16 21:40, Josh Reynolds wrote:
> > I've been very happy with the 2.3 release. Modularizing everything and the
> > new bootstrap GUI is very nice. Updated BSD code base is a godsend.
>
> I was just about to ask the experienced code
PCI certification at the business level isn’t about whether your firewall
vendor has gone through an audit and paid someone.
You can build your own firewall if you wish and it must meet all of the
necessary requirements. So will a commercial firewall, because it’s certainly
possible to configur
On 6/May/16 21:40, Josh Reynolds wrote:
> I've been very happy with the 2.3 release. Modularizing everything and the
> new bootstrap GUI is very nice. Updated BSD code base is a godsend.
I was just about to ask the experienced coders whether the new GUI in
2.3 fixes a lot of problems of the pas
I've been very happy with the 2.3 release. Modularizing everything and the
new bootstrap GUI is very nice. Updated BSD code base is a godsend.
On May 6, 2016 2:36 PM, "Aris Lambrianidis" wrote:
> Mel Beckman wrote:
>
>> But bug reports and response can be measured, at least by those with
>> suppo
Mel Beckman wrote:
But bug reports and response can be measured, at least by those with
support contracts for the commercial products. I found PFSense less
reliable by a quite large margin than commercial offerings. Plus when
I have a problem, I can open a case and somebody else is working on i
But bug reports and response can be measured, at least by those with support
contracts for the commercial products. I found PFSense less reliable by a quite
large margin than commercial offerings. Plus when I have a problem, I can open
a case and somebody else is working on it (because I paid th
Mel Beckman wrote:
The question of code quality is always a difficult one, since in FOSS
it’s public and often found lacking, but in private source you may
never know. In these cases I rely on the vendor’s public statements
about their development processes and certifications (e.g., ICSA).
Com
Don't forget ponying up the fees and charges for paying the auditors -
which is why most OSS projects don't end up going through them.
On Fri, May 6, 2016 at 11:41 AM, Keith Stokes wrote:
> I've been told by various PCI auditors that a noncommercial/FOSS firewall
> could pass as long as you have
I've been told by various PCI auditors that a noncommercial/FOSS firewall could
pass as long as you have implemented the necessary controls such as
encryption/logging/management and passing actual testing.
--
Keith Stokes
> On May 6, 2016, at 1:31 PM, Mel Beckman wrote:
>
> The question of c
The question of code quality is always a difficult one, since in FOSS it’s
public and often found lacking, but in private source you may never know. In
these cases I rely on the vendor’s public statements about their development
processes and certifications (e.g., ICSA). Commercial products ofte
On 6/May/16 20:05, Aris Lambrianidis wrote:
> It still doesn't detract from the value of what people are aware of, in
> this case,
> pfSense code quality.
But the beauty is that with pfSense, you can do something about it, as
someone knowledgeable in coding.
Preferring a closed source option
On 6/May/16 20:05, Aris Lambrianidis wrote:
> It still doesn't detract from the value of what people are aware of, in
> this case,
> pfSense code quality.
But the beauty is that with pfSense, you can do something about it, as
someone knowledgeable in coding.
Preferring a close source option b
amuse wrote:
> One question I have is: Is there any reason to believe that the source
> code for Sonicwall, Cisco, etc are any better than the PFSense code? Or
> are we just able to see the PFSense code and make unfounded assumptions
> that the commercial code is in better shape?
Perhaps not. In
On 6/May/16 18:59, amuse wrote:
> One question I have is: Is there any reason to believe that the source
> code for Sonicwall, Cisco, etc are any better than the PFSense code? Or
> are we just able to see the PFSense code and make unfounded assumptions
> that the commercial code is in better s
One question I have is: Is there any reason to believe that the source
code for Sonicwall, Cisco, etc are any better than the PFSense code? Or
are we just able to see the PFSense code and make unfounded assumptions
that the commercial code is in better shape?
On Fri, May 6, 2016 at 9:39 AM, Mel
I, too, was not impressed with PFSense’s code. I’ve had to dig into it a couple
of times to troubleshoot weird failure modes. I finally gave up. My time is too
valuable, and the price of modern firewalls is fair for the value you get in
serious regression testing and support.
Also, I would not
amuse wrote:
> +1 to a "Can you substantiate that claim please?" sentiment here. I've
> used it for years and found it to be reliable, flexible, feature-filled.
> And having the BSD CLI fully available has been a godsend.
The code quality is terrible in a 1990s sort of way. I.e. no separation
of
+1 to a "Can you substantiate that claim please?" sentiment here. I've
used it for years and found it to be reliable, flexible, feature-filled.
And having the BSD CLI fully available has been a godsend.
On Fri, May 6, 2016 at 12:01 AM, Mark Tinka wrote:
>
>
> On 6/May/16 02:18, g...@1337.io wro
On 6/May/16 02:18, g...@1337.io wrote:
> If you are considering pfSense, I would urge you to look at OPNsense
> instead. The pfSense code is horrible!
Can you explain?
We've been reasonably happy with it, running it since 2012 on dozens of
boxes for our corporate network and as OpenVPN servers
On 5/May/16 19:53, Ken Chase wrote:
> Looking around at different SMB firewalls to standardize on so we can start
> training up our level 2/3 techs instead of dealing with a mess of different
> vendors
> at cust premises.
>
> I've run into a few firewalls that were not sip or 323 friendly howev
Yeah, the EdgeRouter series do not suck.
Fast, stable, easy to manage (although the broken tab completion drives me
nuts ('sho ip route' should just work, I'm too old to retrain my
fingers...) - other than that they are great...
W
On Thu, May 5, 2016 at 8:28 PM Jared Mauch wrote:
>
> > On May 5
On Thu, May 5, 2016 at 8:27 PM, Jared Mauch wrote:
>
> > On May 5, 2016, at 4:52 PM, Javier J wrote:
> >
> > I'm a fan of the EdgeRouterLite3
> >
> >
> > I don't manage many small businesses networks anymore because we now do
> > only 100% cloud and remote work but I started deploying them to al
t;> (906) 487-3696
>> http://www.mtu.edu/
>> http://www.it.mtu.edu/
>>
>>
>> -----Original Message-----
>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Nick Ellermann
>> Sent: Thursday, May 5, 2016 2:51 PM
>> To: Mel Beckman
>>
> On May 5, 2016, at 4:52 PM, Javier J wrote:
>
> I'm a fan of the EdgeRouterLite3
>
>
> I don't manage many small businesses networks anymore because we now do
> only 100% cloud and remote work but I started deploying them to all my old
> clients I still have on retainer.
>
>
> It is a wond
If you are considering pfSense, I would urge you to look at OPNsense
instead. The pfSense code is horrible!
On 5/5/16 11:11 AM, amuse wrote:
What PFSense currently lacks in brand name recognition, they can make up
with by the fact that they offer paid support at very affordable levels.
I'd go
We use Calix gigacenter 844E. It will do everything you listed (and a whole
lot more) except the VPN part.
-Sean
On Thursday, May 5, 2016, Ken Chase wrote:
> Looking around at different SMB firewalls to standardize on so we can start
> training up our level 2/3 techs instead of dealing with a m
I'm a fan of the EdgeRouterLite3
I don't manage many small businesses networks anymore because we now do
only 100% cloud and remote work but I started deploying them to all my old
clients I still have on retainer.
It is a wonderful solid set it, and forget it device and you can manage it
with s
og-boun...@nanog.org] On Behalf Of Nick Ellermann
> Sent: Thursday, May 5, 2016 2:51 PM
> To: Mel Beckman
> Cc: nanog@nanog.org
> Subject: RE: sub $500-750 CPE firewall for voip-centric application
>
> Your exactly right, Mel. Dell has really turned the Sonicwall platform
> arou
echnological University
> (906) 487-3696
> http://www.mtu.edu/
> http://www.it.mtu.edu/
>
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Nick Ellermann
> Sent: Thursday, May 5, 2016 2:51 PM
> To: Mel Beckman
> Cc: nanog@na
o: Mel Beckman
Cc: nanog@nanog.org
Subject: RE: sub $500-750 CPE firewall for voip-centric application
Your exactly right, Mel. Dell has really turned the Sonicwall platform
around in the past few year. We dropped it a year or two before Dell took
them over. Back then Sonicwall was full of issues
Ellermann
Cc: Ken Chase ; nanog@nanog.org
Subject: Re: sub $500-750 CPE firewall for voip-centric application
I install and support Cisco ASA, Dell SonicWall, Fortigate, and PaloAlto
firewalls. The best SMB devices are definitely SonicWall and Fortigate.
SonicWalls are easier to configure, but h
I install and support Cisco ASA, Dell SonicWall, Fortigate, and PaloAlto
firewalls. The best SMB devices are definitely SonicWall and Fortigate.
SonicWalls are easier to configure, but have fewer features. Fortigate has many
knobs and dials and a very powerful virtual router facility that can d
We have a lot of luck for smaller VOIP customers having all of their services
run through a FortiGate 60D, or higher models. 60D is our go to solution for
small enterprise. However, if we are the network carrier for a particular
customer and they have a voip deployment of more than about 15 phon
We deploy SonicWALL TZ300 or SOHO using Dell's Security as a Service. That
way our monthly cost per customer is under $50 and includes all security
services plus GMS centralized management. Works great with our VOIP service.
Regards,
Ray Orsini – CEO
Orsini IT, LLC – Technology Consultants
VOICE
What PFSense currently lacks in brand name recognition, they can make up
with by the fact that they offer paid support at very affordable levels.
I'd go with https://store.pfsense.org/SG-2440/ ($499 each) and a quote for
professional services (
https://store.pfsense.org/Professional-Services.aspx
36 matches
Mail list logo