257Roberts
asked on
Help recommend a firewall with bandwidth priority for users
I need to upgrade a SonicWall TZ-180 firewall to a appliance that will limit internet bandwidth to most users, but prioritize bandwidth for a select group of users. Can you recommend a firewall that would do this? About 40 client machines are on the entire network. If I need to supply some more information to help you recommend something, I would be happy to add it.
Have a look at the Cyberoam, great piece of kit. Sorry don't agree that commercial proxies will offer this. You need to identify the user to be able to provide bandwidth policies.
Regards
Jason
Regards
Jason
ASKER
mortal, I can get the MAC addresses of all of the users and identify the ones I want unlimited bandwidth access for. I will need a commercial hardware firewall with good content filtering. I am happy with the SonicWall filtering subscription.
ASKER
Ben, I need unlimited bandwidth for a group of machines. I am not sure what you mean by a "Proxy".
257Roberts, what if the user logs into a different machine?
ASKER
I'm not worried about that, the uses do not switch machines around. I only need unlimited bandwidth access to 7 or 8 machines.
I suggest you have a look at the cyberoam anyway.
ASKER
Which model?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
What is the support from Juniper like? The support on our current SonicWall is terrible, with overseas personnel who cannot speak English well.
257Roberts
For forty users I would look at the 25ia or 35ia. Have a look at the specs. You should also be able to get the second years subscription for free as a trade-up from the sonicwall. This is not the only Firewall product we sell and support but it is worth a good look at.
Jason
For forty users I would look at the 25ia or 35ia. Have a look at the specs. You should also be able to get the second years subscription for free as a trade-up from the sonicwall. This is not the only Firewall product we sell and support but it is worth a good look at.
Jason
I have had no issues with Juniper support when I have needed them but I have also had a very good local reseller (Juniper Partners for the region) providing support both remotely and onsite which has been a great help. Once set up they are very intuitive to manage, I prefer the web based admin of the Juniper over the Cisco ASDM. I have also used Watchguard and Checkpoint devices and the Juniper cleans up from an ease of use perspective.
I am a fan but they dont suit everyone. Definitely give them a look.
Regards
Ben
I am a fan but they dont suit everyone. Definitely give them a look.
Regards
Ben
PS, I have run over 80 people through a Juniper SSG 20 with a 10mbps fibre connection and secondary ADSL 2+ connection connected with an internal ADSL2+ module in the firewall itself. RAM sat under 50% and CPU under 10% with 4 VPN tunnels and about 50 ACL's across 4 security zones.
An SSG5 would easily handle 40 users without issue but is not quite as flexible as the SSG20 as the SSG20 has two modular multi purpose sockets. SSG5 and SSG20 will do 160mbps firewall and 40mbps IPSec VPN which is usually more than a 40 person office requires. There is a significant price jump to the SSG140 which is the next step up and I have never needed one (all my work has been primarily for companies of around 100 people in 4-7 locations and SSG5's and 20's have always been more than enough. I have never had more than 30mbps of internet bandwidth, you might)
Regards
Ben
An SSG5 would easily handle 40 users without issue but is not quite as flexible as the SSG20 as the SSG20 has two modular multi purpose sockets. SSG5 and SSG20 will do 160mbps firewall and 40mbps IPSec VPN which is usually more than a 40 person office requires. There is a significant price jump to the SSG140 which is the next step up and I have never needed one (all my work has been primarily for companies of around 100 people in 4-7 locations and SSG5's and 20's have always been more than enough. I have never had more than 30mbps of internet bandwidth, you might)
Regards
Ben
ASKER
What is the content filtering like on the Juniper? The content filtering subscription for SonicWall is really good, just the support is terrible.
Content filtering on the Juniper is limited as it is primarily a security and networking device, thus my previous mention of a proxy for content filtering. The juniper can do Anti Virus and Anti Spam and a certain amount of web filtering as in anti-malware and anti-phishing but it cannot read web site content and block porn for example.
Regards
Ben
Regards
Ben
ASKER
I would need an firewall that has good website content filtering.
Have a look at the Cyberoam. It is a great piece of kit.
Regards
Jason
Regards
Jason
Juniper have the SRX Series that do what you need but I have never used them. I have only used the SSG's so cannot vouch for them. As a Juniper user of SSG's and SSL VPN though, I doubt they got it wrong. I am interested in the Cyberoam as well myself after looking at them, I had never heard of them but they seem to cover a lot. The only complete security applicance I have experience with (I manage a couple of them) is Netbox Blue. They are an Australian but have partners in other countries. They could be worth a look.
Regards
Ben
Regards
Ben
Regards
Ben