Need reccomendation for new Firewall/UTM appliance - TechRepublic
Question
August 1, 2007 at 08:49 AM
psx

Need reccomendation for new Firewall/UTM appliance

by psx . Updated 16 years, 9 months ago

We migrated from a PIX515 to an Astaro ASG220 UTM device about a year ago and now we’re looking for a better solution.

The PIX was very dependable (virtually no downtime at all) but it only functions as a firewall and a simple VPN host (Cisco’s VPN client, however, is very good).

The ASG220 gave us a lot more features but, unfortunately, because of some of those features (such as SMTP filtering & IDS/IPS), the overall box became very unstable, so much so that I experience interruptions almost every week–from 2-5 seconds of dropped pings to certain daemons (Astaro products run on a highly customized Linux platform) failing outright. It is unacceptable for a firewall device to experience so much interruptions, thus we are in the process of looking for a new UTM (Unified Threat Management) appliance.

Some possible candidates are:
SonicWall 2040
Fortinet 200A
Checkpoint UTM-1

If you have experience with the above-mentioned products, please provide comments on them.

I’d like to get some recommendations from the TR community regarding a new UTM device.

Our requirements are as follows (importance is rated from 1-5 with 5 being most important):

Dependable firewall (5)
IDS/IPS (4)
Solid, stable VPN (5)
Content filtering-HTTP (4)
Content filtering-SMTP (3)
AD integration-VPN & HTTP content filtering (4)
Multiple interface for network segmentation (4)
Decent built-in reporting (3)
Antivirus/Antispyware-HTTP (3)
Antivirus/Antispyware/Antispam-SMTP (2)

This discussion is locked

All Comments