[TriLUG] [off topic] firewall, VPN, UTM, and web filtering suggestions
mpusateri at wickedtrails.com
Thu Feb 17 19:13:49 EST 2011
On Feb 17, 2011, at 11:56 AM, Alexey Toptygin wrote:
> On Thu, 17 Feb 2011, Chris Bullock wrote:
>> We are looking to replace our open source firewall/VPN and web filtering boxes
>> with something more commercially supported (I have changed roles in my company
>> and my boss wants me hands off and the rest of our IT department cannot support
>> our existing infrastructure). I currently have a few RFPs out for replacing my
>> gear; however, neither has come back with a turnkey solution as of yet.
> I've always used open source tools for these tasks, except one time when the CEO bought a NetScreen turnkey box without consulting the IT department and then ordered us to use it. It was a complete piece of crap. We had to put a Linux box running iptables+freeswan next to it to enable IPSEC networking to other NetScreen boxes at remote sites, because the NetScreens could not talk to each other and would not give meaningful error messages (but they were all happy to talk to the freeswan box...)
> Don't buy NetScreen if you can possibly avoid it.
We used NetScreens at a previous job, with a worldwide mesh for site-to-site VPNs across half a dozen sites. If you couldn't get two of them talking together I'd be really surprised, as they are designed for that. Now I will say their interface is not intuitive.