You can add failover via which license you buy with it..:)
Ajay Sharma wrote:
Wow. Thanks for all the suggestions guys. I went to bed with a list of requirements and now I have a ton of more options to research.
One thing, has anyone used Astaro? I was looking at their "security gateway 220" product last night and it looked like it fit my needs:
http://www.astaro.com/firewall_network_security/asg220
It doesn't have the failover, but everything else was there.
There were other emails in regard to "size of the company" and other stuff which I'll answer:
- there's about 30 people here now, and we plan to add about 10 more
next year.
- our firewall has a default deny in and out. So we have to open up
ports for access and internally we have our own DNS and email so those ports are closed.
we don't proxy any services.
I'm already a super busy admin/programmer so I kinda don't want to
babysit this thing (which is bad considering it's a fundamental component of the network). In any case, I'd rather buy a product and keep it updated then have to build a home-grown type of solution.
Again, thanks for all your help.
--Ajay
Ajay Sharma wrote:
Hey,
The company I work for is in the market for a new firewall. Right now we're hosting all of our own stuff (on CentOS servers) behind an old checkpoint firewall.
I think Checkpoint is overkill for our needs and very expensive, plus I don't like the "per-user" charges of some commercial solutions. What do you guys suggest that we upgrade to? Here are some of the features that I would like:
decent gui, either web based or a local client
usage graphs based on protocol. So if our tiny T1 is saturated, I
want to be able to find out what's eating up the bandwidth
- VPN-friendly for a couple of road-warriors. There won't be any
remote offices so no server-to-server setups, just remote clients.
- we have a DMZ and about 30 machines on the local network. Everyone
has a "normal" IP address, meaning that no one is behind NAT. So it needs to handle this (which is pretty basic stuff)
- high-availablity. So if I buy two machines, one can successfully
die and the other take over.
- no per-user charges. If the company hires a dozen people next
year, we shouldn't have to "upgrade" our license.
Right now we're looking at some open-source stuff like pfsense, m0n0wall, etc... But I'm totally open to an affordable commercial firewall appliance.
Thanks for you help.
--Ajay _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos