cgi-bin
asked on
Outgrew BEFSX41's - what's next?
We have 3 Linksys BEFSX41 firewall routers that sit between our LAN and the Internet. We have 3 static IP addresses. The WAN side of each router is configured with one. The LAN sides of each router are attached to 3 separate subnets. We have a hetrogenous network of approximately 20 boxes - Lintel, Wintel, and AIX RS6000s running many of the standard services as well as a number of oddball services that eat up a number of ports.. I'm looking for an turnkey replacement for this hodgepodge of a routing/forwarding subsystem. The system must support (in order of priority):
1) DMZ
2) Firewalling
3) DoS protection
4) 8 or more ports *each*of*which* can belong to a separate subnet if desired
5) NAT
6) LAN/LAN, LAN/WAN, WAN/LAN and WAN/WAN routing
7) Cannot be a "build-your-own Linux" box gleaned from a web page at xxx.yy.com/~my/science/pro
8) VPN
9) Configurable packet drop/reject/forwarding is a plus
I'm seeking a short list of at least three (3) recommended "boxes" costing no more than $25/port. The first responder to list (3) recommendations that can meet #1-7 will be awarded 125 points. Please provide a short statement that backs up your recommendations.
Thanks,
cgi-bin
1) DMZ
2) Firewalling
3) DoS protection
4) 8 or more ports *each*of*which* can belong to a separate subnet if desired
5) NAT
6) LAN/LAN, LAN/WAN, WAN/LAN and WAN/WAN routing
7) Cannot be a "build-your-own Linux" box gleaned from a web page at xxx.yy.com/~my/science/pro
8) VPN
9) Configurable packet drop/reject/forwarding is a plus
I'm seeking a short list of at least three (3) recommended "boxes" costing no more than $25/port. The first responder to list (3) recommendations that can meet #1-7 will be awarded 125 points. Please provide a short statement that backs up your recommendations.
Thanks,
cgi-bin
ASKER
Thanks Wesley. I looked at the 1260 which seemed to have most of what I need but it seems to be quite a bit more than $25/port. By the time I load up with antivirus, and optional WAN port, it's looking like around $1500-2000. And then there's the support and maintenance... The Netscreen -5GT and -5HSC, are actually less pricey, but are user-based and don't seem to support #4.
cgi-bin
cgi-bin
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You are asking about the firewall/VPN solution. SonicWall or Juniper Netscreen VPN box might be what you are looking for.
SonicWall might be cheaper.
http://www.sonicwall.com/products/vpnapp.html
Only request (4) that you need to pay more if you want the 8 layer-3 switch ports on the firewall box.
The rest are all met by the VPN box.
Wesly