Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


watchguard Vs netscreen

Posted on 2004-10-21
Medium Priority
Last Modified: 2013-11-16
  I am considering watchguard x1000 or an equivalent Netscreen for a datacenter environment. Number of VPN connections is not that important however banwidth and thruput are most important. I will have around 6-8 web/app servers in DMZ ( combinations of redhat, solaris, w2k ). I have had bad experiences with sonicwall and will stay away from them. Iam also open to cisco pix but don't have much experience with cisco except lower end router configuration. I need to be able to support 800-1000 connections simultaneously among the webservers. The outbound is 1MBPS dedicated circuit ( I will get it upgraded soon). I can get my bosses to invest atmost $4K-5K. I have been maintaining ipfilters on su boxes and ip tables on redhat and find it very diffcult to maintain the rules constantly. Please suggest your exp with watchguard x1000 seriens or netscreen -25/50.

Question by:danths
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3

Expert Comment

ID: 12381661
I would go with the Watchguard x1000.  The  proxy services on the fireboxes are really handy and have lots of higher layer features.  For instance, the SMTP proxy service can drop attachments right at the firewall that are of a particular mime type or filename.  You can also block by subject line right at the firewall.  The HTTP and FTP proxy services have lots of features to, like the ability to restrict outbound FTP to read only, or whatever you want.  These proxy services can stop a lot of attacks, and make it easy for you to mitigate the risks of viruses and whatnot.  Plus, the X series firewall have a lot of stuff coming out for them, like gateway antivirus scanning via a software key upgrade.  They are also software upgradeable, performance wise.  So if you outgrow the x1000, you can buy a key and upgrade it to the next level without tossing your investment in the X1000.

It is extremely easy to manage VPN tunnels, and you'll have no trouble terminating IPSEC or PPTP tunnels.  

I've installed an x1000 on a busy 4mbps connection and had no trouble with it at all.  

Good Luck!  Enjoy your watchguard!

Author Comment

ID: 12409775
I need to put this firewall in front of few web servers serving 2 Million hits a day or roughly 30 hits every secondly not considering the burst factor wich could be as high as 10 times that number. WOuld watchguards serve that kind of thruput and simultaneous connections? I tried sonicwall and they couldn't.

Accepted Solution

fendermb4 earned 2000 total points
ID: 12411110
Not a problem.  The X1000 is rated for 200,000 concurrent connections.  The X2500 is rated for 500,000 concurrent connections.  Also, you could start with an X1000 and upgrade it to a 2500 if it isn't keeping up.

I had an X1000 installed for a company that did streaming media, lots of connections, lots of heavy traffic and it was great.

Expert Comment

ID: 12498028
How is the decision coming?  Have you bought your Watchguard yet?

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question