General discussion

  • Creator
  • #2259073

    firewall specs


    by xiaitmb ·

    Sourcing for a firewall –
    for a network with 200 users surfing the web, accessing to web applications and email routing.
    In the spec for a firewall, what need to be looked at in order to determine a suitable firewall?
    A vendor is recommending Juniper Netscreen, will the SSG520 be an overkill, or will the netscreen 25 or 50 be alright?
    Appreciate guidance. thanks.

All Comments

  • Author
    • #3282595

      Reply To: firewall specs

      by hal 9000 ·

      In reply to firewall specs

      This depends on what the business is doing and if they have to comply with any Government regulations for [b]Data Security.[/b]

      Then you have to take into consideration of just how secure you want your data to be and what size the Budget is. Generally speaking the Best that you can afford is the best option unless there are other factors that have to be taken into account.

      Depending on what if any Government Regulations you need to comply with the answer varies. If you don’t need to comply with any Regulations the cheapest option might be good enough but it will offer less protection and that may not be something that the company wants. Really without knowing more about your particular situation it’s hard to say but what I would recommend is talking to a tech from the company involved if you have settled on this supplier and ask them what would suit your needs best. Avoid the Sales People until you have decided what you require and then just place an order with the Sales Team once you have made your decision.

      The smaller units might be OK for your needs but they also might produce a slow down of Mail & Web Access you really need to look at the load that is going to be placed on the appliance before you can make a decision that’s why I would ask a Tech from the company first for their advice.

      It’s better to have more than you currently require than to slow down the system and have people waiting for access to what they need. This also allows room for growth if this is an issue as well.


    • #3282586

      Reply To: firewall specs

      by jmgarvin ·

      In reply to firewall specs

      As usually let me suggest a PIX firewall. With 200 users you might be pushing the firewall you are looking at. Keep in mind that you should plan for growth as well.

      What is your price range and what do you need to secure? Are you worried about outbound as well as inbound? Do you host mail or is that ISP based?

      I’d also suggest staying away from Watchguard.

    • #3283386

      Reply To: firewall specs

      by greybeard770 ·

      In reply to firewall specs

      I am not familiar with a SSG520 but the NetScreens will do a fine job for you. If you plan on doing several (more than 4) IPSec based VPNs handled by the unit you might look into the NetScreen 204. Otherwise the CPU utilization may be higher than desirable. We use a NetScreen 204 in the central office and NetScreen 25 in 3 remote offices – all doing IPSec based VPN NetScreen to NetScreen and it works well.

    • #3200633

      Reply To: firewall specs

      by dumphrey ·

      In reply to firewall specs

      I would recommend going with the Cisco PIX line. We have a 501 that is more then enough for 85 e-mail users and web browsers. I can also heartily recommend the Barracuda Spam filter. It takes close to 10,000 Spam out of circulation a day, before they hit the exchange server, so there is a big “increase” in performance gained for the Exchange server. The PIX will do you right, and Cisco support is phenomenal.

Viewing 3 reply threads