Just today my publisher has released a new article entitled "All-in-One Security Appliances": http://www.networkcomputing.com/showArticle.jhtml?articleID=172901783 Their interactive guide to various products is here: http://www.ibg.networkcomputing.com/guide.jhtml?guide_id=160400002 The Cisco ASA 5520 is reviewed here: http://www.networkcomputing.com/showArticle.jhtml?articleID=163103868 [ **NOTE: I've personally used the ATA 5510. It does the job, although it's limited as a router in the base package. ] They also did a series of article at the end of April on more SMB to enterprise firewalls. Probably the most interesting is this feature comparison table between "Branch Office" firewalls ($1,395-$5,000+) here: http://i.cmpnet.com/nc/1608/graphics/1608f4a.gif Performance comparison here: http://i.cmpnet.com/nc/1608/graphics/1608f4b.gif Some offer routed and/or transparent modes (public subnet and/or bridged layer-2), as well as NAT. Some also support failover -- some for device (device failure), some for another network (network failure). All support DMZs, VPNs, etc..., although with varying support. The review of the "Branch Office" firewalls starts here: http://www.networkcomputing.com/showitem.jhtml?docid=1608f4 About mid-way down, on the left, you'll see links to various other articles in the series -- including ASIC-based/high-end "Deep Inspection" solutions, and other discussions on layer-7/application (typically port 80) filtering/inspection, etc... Didn't see a good review of sub-$1,000 solutions at NWC though. -- Bryan J. Smith | Sent from Yahoo Mail mailto:b.j.smith at ieee.org | (please excuse any http://thebs413.blogspot.com/ | missing headers)
