[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 308
  • Last Modified:

tips for new firewall/router with vpn capabilities

in my org we have an old netscreen 5xp. with our growing staff we are running into a user limit on this firewall recently, after contacting juniper i found out this router is end of life and can only support ten users. so i think its time for a new one. i would like to stick wiht netscreens because it has been good in the past and i should be able to up my config. the sales guy at juniper suggested a ssg5, which has no user limit and i can buy vpn clients for $110 for 10 clients. just wanted some input on any pros or cons of this or any other similar device. some preliminary quotes i got are about
700 for the router
70 for one year next day support
110 for 10 clients

thanks,
cory
0
cfischer225
Asked:
cfischer225
3 Solutions
 
itmonitorCommented:
I use watchguard firewalls and they have a very easy vpn manager.  Depending on the model you will receive different features.  
0
 
cfischer225Author Commented:
do watchguards have routers builtin or just firewalls?
0
 
TheCleanerCommented:
I have an SSG5 at home...it's decent.  SSG20 is the next line up and is fantastic for a small office.

Not sure why you'd need to buy VPN clients unless you don't want to use Windows 2003 server's built in RRAS for VPN.

Your config should transfer over somewhat ok as long as you are close to the same ScreenOS version.  I'd make note of everything ahead of time though just in case.

(For the record, I run SSG5's, SSG20's, and SSG520's and they all perform great)
0
 
dpk_walCommented:
5xp last SOS supported was 5.0 and SSG support a minimum 5.4; however, you can do get config from the 5xp and load it to the new SSG series.

I always recommend to upgrade to the same vendor (if possible) for the simple reason of product familiarity. If there is a good product but you are not too sure on configuring it, then it is of no use.

Few of the things which Watchguard(WG) smaller X Edge boxes have which Juniper SSG don't are:
WG X Edge has capability to act as PPTP server so can accept incoming PPTP connection from windows clients (so no need to install any additional licenses), includes SSL VPN license (only 1 though) as well.
However, Juniper scores over in terms of maximum throughput both firewall and VPN.

I would say do a price/feature comparison between different vendors and then zero in on a single product/model.

Please looks at vendors (not in any order):
Juniper SSG series, WG X Edge series, Cisco ASA series, Sonicwall

Please let know if you need clarification about some specific feature/box capability.

Thank you.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now