Best Firwall solution for me?

Posted on 2006-10-25
Last Modified: 2013-11-16
I am the IT manaer for a medium size company.  We have about 45 computers and 3 servers on our network.  We have a NAT router firwall currently and it is closed to all ports that are not needed inbound.  I have tested this.  The firewall/router is maintained and provided by our ISP.  I recently have had an issue with a computer connecting to an outside ip address and opening 1000+ ports.  Issue explained here
I would like another hardware firwall that I can controll and limit ourbound ports.  

Could someone suggest an easy firewall/internet appliance that is not too $$ and easy to setup and maintain?
Question by:jamessa

Expert Comment

ID: 17807020
What is the budget something around 2000 will get you running a full statefull packet inspection low mainentance appliance and will let you grow as your needs grow.

Author Comment

ID: 17807090
I would like less than that, but if that is where they start I will have to go for it.  I would have to put that on next years budget though.

Accepted Solution

Westez earned 85 total points
ID: 17809211
Take a look at Checkpoints SafeOffice or VPN1 UTM Edge appliances.  I'm not sure of the price, I've heard their under a $1000.  You might try googling for firewall hardware appliances for other products that are out there.

Assisted Solution

idyllicsys earned 83 total points
ID: 17810559
The SonicWall TZ170 Unrestricted with the Complete Security Gateway package sells for about $1100. Or if you can wait a few weeks, they just released the TZ190 for about the same price with a faster processor and a PC Card slot for cellular dial backup.

Author Comment

ID: 17811342
Does anyone have experience with checkpoint or sonicwall?
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

LVL 32

Assisted Solution

rsivanandan earned 83 total points
ID: 17812169
Take a look at Juniper's firewall or Cisco's firewall.

For you NS5gt from Juniper/PIX 501 from Cisco should do.

LVL 32

Expert Comment

ID: 17812173
And yeah, it will come to you about 800 dollars.


Assisted Solution

nitadmin earned 83 total points
ID: 17826750
Hi jamessa,

For easy and quick configuration and best price I suggest Sonicwall TZO 170 with unlimited users.
If you willing to spend some money then go with Cisco PIX 515. However, there a steep learning curve with regard to configuring this device.


Assisted Solution

mahe2000 earned 83 total points
ID: 17835144
try smallest cisco pix (PIX 501)

good luck!!!!

Assisted Solution

jabiii earned 83 total points
ID: 17850957
Personally I'd recommend the Juniper Netscreen. But the PIX is "swell" too :)

Part of choosing your FW, is what kind of support you will be utilizing, whether it be the vendor, or coming here. Your familiarity with the product, cost, performance, etc etc. All of it needs weighed in on your decision.  That's why when people post here asking for a FW. the First thing most expert's respond with, ok, what is your price range, what architecture are you going to be implementing it with, bandwidth etc etc.

Both have 10 vpn limit. Dimensions and weight are similar. But look at your performance.

CIsco 501 Security Applicance
 firewall throughput,                   60 Mbps
 3DES VPN throughput,               3 Mbps
 Concurrent connections:             7,500 (Cisco wins this one vs the 5series)
Dimensions (H x W x D): 1.0 x 6.25 x 5.5 in. (2.54 x 15.875 x 13.97 cm)
Weight: 0.75 lb (0.34 kg)

Firewall performance                   75 Mbps
3DES VPN performance                20 Mbps
Deep Inspection (DI) performance 75 Mbps
Concurrent sessions                    2000
New sessions/second                  2000
Dimensions (H/W/L) 1/8.25/5 inches
1.5 lbs

C 501

NS 5

Here is a checklist, granted it's from Juniper so might be slighted, but will help you compare FW's for you.

Here's some 3rd party studies of FW's.

2006 Products of the year,289483,sid14_gci1160468_tax299825,00.html?track=NL-20&ad=543466&adg=299807


You can also search here there are plenty of other threads like this one, choosing FW's and VPN's. comparing Cisco/Juniper/Sidewinder etc.

My 2 cents :)
Hope it helps.

Author Comment

ID: 17862442
Wow that is good stuff.   Let me look at all of this.


Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Static IP 5 81
Fortinet FWs backdoor vulnerability 3 87
sftp access 4 50
firewall inside of network 9 73
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Sending a Secure fax is easy with eFax Corporate ( First, just open a new email message. In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now