Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

which firewall applicance is suitable for my company?

Posted on 2010-08-12
6
Medium Priority
?
509 Views
Last Modified: 2012-05-10
HI, network gurus:

I got a new project from my boss to set up firewall for our company. We have two sites, one is with 50 employees and the other is wit 20 users. Both sites use pure data T1 from Telepacific. I will install firewall applicance behind their white Airtran gateway. I have the following questions need your attention.

1. Which brand should I use? I have a budget of $2800 for HQ and $1500 for the small site. Do I need choose Sonicwall or juniper network. I only know these two brands are big brand.

2. For HQ, some sales recommend sonicwall NSA 2400 totalsecure or Juniper Networks SSG320M Appliance; which one is better or some other suggestions.

3. for the remote site, which one is good?  Juniper Networks SSG20 Appliance or SonicWALL NSA 240 Firewall Appliance.

4. Any suggestion for the installation progress. I never installed firewall before. thank you.
0
Comment
Question by:Jason Yu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 11

Expert Comment

by:mattibutt
ID: 33425878
use cisco firewall its got academic wing as well so while you implement it at the sametime you can learn about it as well
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 1336 total points
ID: 33426006
1. I'd go with sonicwall.  I'm not familiar with Juniper.2. Sounds like NSA 2400 migh suit you well for the site with 50 users.3. TZ210 should be sufficient for the 20 user site.4. You want to make sure the Sonicwall appliances have public IP addresses.  I'm not familiar with the gateway hardware provided by your ISP.  You'll want to coordinate with them on connecting your SW with their hardware.  In the end, public IP on the WAN interface of the SW.
0
 

Accepted Solution

by:
Jason Yu earned 0 total points
ID: 33431355
Great replies. If I choose cisco firewall, which model should I buy, from which company.

Thanks.

If the price is not very different, I will go cisco, if not, I will go sonicwall.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 33

Assisted Solution

by:digitap
digitap earned 1336 total points
ID: 33431474
I'm not familiar with Cisco hardware to make that recommendation.  Your zones need to be modified to include some Cisco experts.  Currently, you only have one zone.  If you are uncertain which zones would be best, click the Request Attention in the lower right hand of your question above and request a Mod's help in suggesting and changing the zones of your question.  Initially, you can only select 3 zones, but a mod can add more than that to get more attention.
0
 
LVL 4

Assisted Solution

by:Zxeses
Zxeses earned 664 total points
ID: 33436127
Personally, I'd balk at setting the budget before the proper devices are chosen.  If you get a Cisco, you get all the community support that goes with it.  If you get any other brand, you're pretty suck solving most issues on your own or with direct company contact.

Full retail on a Cisco ASA 5520 is about 10k, but you don't need to buy a new one and there are tons of discounted new ASA's out there.

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

May I suggest for your needs:
Cisco ASA 5510 Security Plus Firewall Edition Bundle
Includes: 2 Gigabit Ethernet + 3 Fast Ethernet interfaces, 250 IPsec VPN peers
$2700+

And for the remote site:
#ASA5505-SEC-BUN-K9
The 5505 is plenty for your remote needs, and this one is $1044 sale price and has a full feature set including support for two ISP's.

Both of these fit perfectly into your current budget.  While I'd be inclined to use the 5520 on your main site, that does not fit the budget you mention.

0
 
LVL 33

Expert Comment

by:digitap
ID: 33739402
glad we could help and thanks for the points!
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question