We need a good, cheap firewall for our 100 employee office. Outbound, we host (for over 200 clients) 4 physical servers on different TCP ports (3389, 80, 443, 25). We need port-forwarding ability: port x on Server1 forwards to port y on Server2, port x2 on Server3 forwards to port y2 on Server4, etc.). We also need to throttle traffic so that saturated outbound port 25 (us sending e-mail) does not horribly slow down inbound 3389 (us serving out RDP). Those needs are currently met by ipCop, but ipCop (1) does not print usage reports (we use Untangle for this), (2) does not easily allow us to block a given IP address (yes, I could manually do this with iptables), (3) does not support failover (http://www.firewall.cx/ftopict-3107.html
), (4) does not integrate into Active Directory (minor problem in our environment). We do NOT use VPN. Again, we need this to be cheap if not free.
What would you do?