Solved

which firewall applicance is suitable for my company?

Posted on 2010-08-12
6
497 Views
Last Modified: 2012-05-10
HI, network gurus:

I got a new project from my boss to set up firewall for our company. We have two sites, one is with 50 employees and the other is wit 20 users. Both sites use pure data T1 from Telepacific. I will install firewall applicance behind their white Airtran gateway. I have the following questions need your attention.

1. Which brand should I use? I have a budget of $2800 for HQ and $1500 for the small site. Do I need choose Sonicwall or juniper network. I only know these two brands are big brand.

2. For HQ, some sales recommend sonicwall NSA 2400 totalsecure or Juniper Networks SSG320M Appliance; which one is better or some other suggestions.

3. for the remote site, which one is good?  Juniper Networks SSG20 Appliance or SonicWALL NSA 240 Firewall Appliance.

4. Any suggestion for the installation progress. I never installed firewall before. thank you.
0
Comment
Question by:Jason Yu
6 Comments
 
LVL 11

Expert Comment

by:mattibutt
ID: 33425878
use cisco firewall its got academic wing as well so while you implement it at the sametime you can learn about it as well
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 334 total points
ID: 33426006
1. I'd go with sonicwall.  I'm not familiar with Juniper.2. Sounds like NSA 2400 migh suit you well for the site with 50 users.3. TZ210 should be sufficient for the 20 user site.4. You want to make sure the Sonicwall appliances have public IP addresses.  I'm not familiar with the gateway hardware provided by your ISP.  You'll want to coordinate with them on connecting your SW with their hardware.  In the end, public IP on the WAN interface of the SW.
0
 

Accepted Solution

by:
Jason Yu earned 0 total points
ID: 33431355
Great replies. If I choose cisco firewall, which model should I buy, from which company.

Thanks.

If the price is not very different, I will go cisco, if not, I will go sonicwall.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 33

Assisted Solution

by:digitap
digitap earned 334 total points
ID: 33431474
I'm not familiar with Cisco hardware to make that recommendation.  Your zones need to be modified to include some Cisco experts.  Currently, you only have one zone.  If you are uncertain which zones would be best, click the Request Attention in the lower right hand of your question above and request a Mod's help in suggesting and changing the zones of your question.  Initially, you can only select 3 zones, but a mod can add more than that to get more attention.
0
 
LVL 4

Assisted Solution

by:Zxeses
Zxeses earned 166 total points
ID: 33436127
Personally, I'd balk at setting the budget before the proper devices are chosen.  If you get a Cisco, you get all the community support that goes with it.  If you get any other brand, you're pretty suck solving most issues on your own or with direct company contact.

Full retail on a Cisco ASA 5520 is about 10k, but you don't need to buy a new one and there are tons of discounted new ASA's out there.

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

May I suggest for your needs:
Cisco ASA 5510 Security Plus Firewall Edition Bundle
Includes: 2 Gigabit Ethernet + 3 Fast Ethernet interfaces, 250 IPsec VPN peers
$2700+

And for the remote site:
#ASA5505-SEC-BUN-K9
The 5505 is plenty for your remote needs, and this one is $1044 sale price and has a full feature set including support for two ISP's.

Both of these fit perfectly into your current budget.  While I'd be inclined to use the 5520 on your main site, that does not fit the budget you mention.

0
 
LVL 33

Expert Comment

by:digitap
ID: 33739402
glad we could help and thanks for the points!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now