cagleb
asked on
Firewall
A NETGEAR FVS328 ProSafe VPN Firewall has been suggested for our firewall on our network. Is this a good one or is there a better one we should use.
I personally perfer to use a Cisco PIX. Just make sure that you can contral the traffic that comes into the firewall and goes out. You also should have the ability to store the logs on a device other than the firewall, ie a syslog server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I am not so sure on SonicWall, especially if it has a heavy load on it. I have an ISP collocated with me that just bought one about a month ago, and he is constantly calling me to reboot it because it stops passing all traffic out of the blue. He’s been on the phone a lot with them, but they don’t seem to be able to get it fixed, so he has ordered a remote power management device so he can reboot it him self remotely, thank god. I myself would yank it out as I’d rather have no firewall than one that goes on the fritz all the time. I don’t know if his experience is the norm, but I find it disconcerting especially since he has a support contract, yet it still is not working at what I would an acceptable level.
>> Netscreen has been bought out by Juniper Networks. Our corporate Network guys use Netscreen and are looking for a replacement (NOT a Netscreen)
lrmoore, Am I reading what you have said correctly, that you (or corporate network guys) are moving away from Netscreen ? Can I ask why ?
Dr-IP, I sometimes see this on a PIX, when the number of open connections causes a low end (501 or 506 usually) to run out of memory. Solution is to either lower the timeouts or (what I tend to do) work out what traffic is causing the open connections and block it (it is often virus/worm activity).
cagleg, sorry to barge in on your question, but it's good for the discussion anyway... ;)
lrmoore, Am I reading what you have said correctly, that you (or corporate network guys) are moving away from Netscreen ? Can I ask why ?
Dr-IP, I sometimes see this on a PIX, when the number of open connections causes a low end (501 or 506 usually) to run out of memory. Solution is to either lower the timeouts or (what I tend to do) work out what traffic is causing the open connections and block it (it is often virus/worm activity).
cagleg, sorry to barge in on your question, but it's good for the discussion anyway... ;)
I kind of tend to think the load that guy has on that SonicWall might be too much for it, but from what I have heard no one has a clue as to what is going on, or is willing to tell him, and he says the unit is the one they recommended he use, but for what he spent on it, I could have gotten a used 520, or maybe even a 525 from a reputable dealer with a years warranty, and I know it would handle the load he has without issue. It's what I reconmended he do, but he wanted it to be new, but didn't want to spend that kind of money, and look what it got him.
Do you need more information?
Have you resolved this problem?
Can you close this question?
https://www.experts-exchange.com/help.jsp#hs5
Thanks!
Have you resolved this problem?
Can you close this question?
https://www.experts-exchange.com/help.jsp#hs5
Thanks!