• Creator
  • #2224945

    Need reccomendation for new Firewall/UTM appliance


    by psx ·

    We migrated from a PIX515 to an Astaro ASG220 UTM device about a year ago and now we’re looking for a better solution.

    The PIX was very dependable (virtually no downtime at all) but it only functions as a firewall and a simple VPN host (Cisco’s VPN client, however, is very good).

    The ASG220 gave us a lot more features but, unfortunately, because of some of those features (such as SMTP filtering & IDS/IPS), the overall box became very unstable, so much so that I experience interruptions almost every week–from 2-5 seconds of dropped pings to certain daemons (Astaro products run on a highly customized Linux platform) failing outright. It is unacceptable for a firewall device to experience so much interruptions, thus we are in the process of looking for a new UTM (Unified Threat Management) appliance.

    Some possible candidates are:
    SonicWall 2040
    Fortinet 200A
    Checkpoint UTM-1

    If you have experience with the above-mentioned products, please provide comments on them.

    I’d like to get some recommendations from the TR community regarding a new UTM device.

    Our requirements are as follows (importance is rated from 1-5 with 5 being most important):

    Dependable firewall (5)
    IDS/IPS (4)
    Solid, stable VPN (5)
    Content filtering-HTTP (4)
    Content filtering-SMTP (3)
    AD integration-VPN & HTTP content filtering (4)
    Multiple interface for network segmentation (4)
    Decent built-in reporting (3)
    Antivirus/Antispyware-HTTP (3)
    Antivirus/Antispyware/Antispam-SMTP (2)

All Answers

  • Author
    • #2634258


      by psx ·

      In reply to Need reccomendation for new Firewall/UTM appliance


    • #2825378

      ASG 220

      by llsilverll ·

      In reply to Need reccomendation for new Firewall/UTM appliance

      i believe you enabled all the features of ASG220, thats why you are having downtime…
      as the features of ASG220 are quite alot, the performance becomes an issue here.
      i believe if you reduced the enabled services, there will not be a downtime anymore.

    • #2825346

      SonicWall 2040 Pro

      by arujammer ·

      In reply to Need reccomendation for new Firewall/UTM appliance

      We have a SonicWall 2040 Pro with Enhaced SonicOS.
      This device is working gr8, easy to setup and no downtime for more than 3 years.
      It has all what you are looking for. For the VPN we use a SSL VPN-200 this will add all you AD user and make for user easy to setup a VPN connection (tru webpage or client).

      We have setup two diferent internet connection and varios VLAN and all of then are being routed thru this firewall.

      Also you can get a good support from sonicwall.

      Check out this page for a live demo:

Viewing 2 reply threads