Solved

which firewall applicance is suitable for my company?

Posted on 2010-08-12
6
504 Views
Last Modified: 2012-05-10
HI, network gurus:

I got a new project from my boss to set up firewall for our company. We have two sites, one is with 50 employees and the other is wit 20 users. Both sites use pure data T1 from Telepacific. I will install firewall applicance behind their white Airtran gateway. I have the following questions need your attention.

1. Which brand should I use? I have a budget of $2800 for HQ and $1500 for the small site. Do I need choose Sonicwall or juniper network. I only know these two brands are big brand.

2. For HQ, some sales recommend sonicwall NSA 2400 totalsecure or Juniper Networks SSG320M Appliance; which one is better or some other suggestions.

3. for the remote site, which one is good?  Juniper Networks SSG20 Appliance or SonicWALL NSA 240 Firewall Appliance.

4. Any suggestion for the installation progress. I never installed firewall before. thank you.
0
Comment
Question by:Jason Yu
6 Comments
 
LVL 11

Expert Comment

by:mattibutt
ID: 33425878
use cisco firewall its got academic wing as well so while you implement it at the sametime you can learn about it as well
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 334 total points
ID: 33426006
1. I'd go with sonicwall.  I'm not familiar with Juniper.2. Sounds like NSA 2400 migh suit you well for the site with 50 users.3. TZ210 should be sufficient for the 20 user site.4. You want to make sure the Sonicwall appliances have public IP addresses.  I'm not familiar with the gateway hardware provided by your ISP.  You'll want to coordinate with them on connecting your SW with their hardware.  In the end, public IP on the WAN interface of the SW.
0
 

Accepted Solution

by:
Jason Yu earned 0 total points
ID: 33431355
Great replies. If I choose cisco firewall, which model should I buy, from which company.

Thanks.

If the price is not very different, I will go cisco, if not, I will go sonicwall.
0
Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

 
LVL 33

Assisted Solution

by:digitap
digitap earned 334 total points
ID: 33431474
I'm not familiar with Cisco hardware to make that recommendation.  Your zones need to be modified to include some Cisco experts.  Currently, you only have one zone.  If you are uncertain which zones would be best, click the Request Attention in the lower right hand of your question above and request a Mod's help in suggesting and changing the zones of your question.  Initially, you can only select 3 zones, but a mod can add more than that to get more attention.
0
 
LVL 4

Assisted Solution

by:Zxeses
Zxeses earned 166 total points
ID: 33436127
Personally, I'd balk at setting the budget before the proper devices are chosen.  If you get a Cisco, you get all the community support that goes with it.  If you get any other brand, you're pretty suck solving most issues on your own or with direct company contact.

Full retail on a Cisco ASA 5520 is about 10k, but you don't need to buy a new one and there are tons of discounted new ASA's out there.

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

May I suggest for your needs:
Cisco ASA 5510 Security Plus Firewall Edition Bundle
Includes: 2 Gigabit Ethernet + 3 Fast Ethernet interfaces, 250 IPsec VPN peers
$2700+

And for the remote site:
#ASA5505-SEC-BUN-K9
The 5505 is plenty for your remote needs, and this one is $1044 sale price and has a full feature set including support for two ISP's.

Both of these fit perfectly into your current budget.  While I'd be inclined to use the 5520 on your main site, that does not fit the budget you mention.

0
 
LVL 33

Expert Comment

by:digitap
ID: 33739402
glad we could help and thanks for the points!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5506 - port forwarding not working 10 93
Network Router- Access control List 4 70
New VoIP phone system - what networking changes should be made 4 244
TZ400 2 24
Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question