Need help choosing firewall. Any real-world experience with Fortigate 310b?
Posted on 2009-04-04
I run a school network with about 400 users, although only 50-100 active at any one time with about 250 computers. 10 up /10 down Internet pipe. We need to replace our existing (aging) firewall with something that is better at stopping proxies and malware sites.
Additionally, I need a very granular approach to creating firewall rules (we have several categories of users, faculty, staff, students and guests, etc.), which is why I was attracted to the Fortigate 310b. I also like that I can firewall my network segments with the 310b and scan internal network traffic for IPS/IDS problems.
Furthermore, it needs to be compatible with eDirectory (Novell).
I have read lots and lots about the Fortigate and like what I've read so far.
However, I'd like to know any real-world issues that people are having now (especially with the latest 4.0 firmware). Any slows? Does this Fortigate have an achilles heel?
I know that virus scanning is best limited to 10MB files and lower because of memory limitations on the box. Just curious if this plays out to any consequence in the real world.
Is there any particular feature of the Fortigate 310b that doesn't work well or that stresses the platform? SSL decryption, perhaps?
Anyway, as you can see I'm trying to locate someone that has been in the trenches with this Fortigate model and can tell me what they like/don't like about it.