[TriLUG] [off topic] firewall, VPN, UTM, and web filtering suggestions
alexeyt at freeshell.org
Thu Feb 17 11:56:22 EST 2011
On Thu, 17 Feb 2011, Chris Bullock wrote:
> We are looking to replace our opensource firewall/VPN and web filtering boxes
> with something more commercially supported (I have changed roles in my company
> and my boss wants me hands off and the rest of our IT department can not support
> our existing infrastructure) I currently have a few RFPs out for replacing my
> gear, however neither has come back with a turnkey solution as of yet.
I've always used open source tools for these tasks, except one time when
the CEO bought a NetScreen turnkey box without consulting the IT
department and then ordered us to use it. It was a complete piece of crap.
We had to put a linux box running iptables+freeswan next to it to enable
IPSEC networking to other NetScreen boxes at remote sites, because the
NetScreens could not talk to each other and would not give meaningful
error messages (but they were all happy to talk to the freeswan box...)
Don't buy NetScreen if you can possibly avoid it.
More information about the TriLUG