Firewall Hardware Consulting

Dear all,
I'm looking for a firewall have functions such as:

1. VPN Site to Site
2. VPN for Client
3. Routing
4. URL filtering
5. File blocking
6. Limited access to internet by IP and User (connect with Active Directory)
7. Modem PPPoe

Please check and list down some HARDWARE product have these function.

Thanks
LVL 1
bmkhoiAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

John KratzerCommented:
Sounds like a SonicWall solution.

If they are a smaller client, a TZ210 would do the job for you.

Only thing it does not have in your list is the PPPOE.  You would still need the DSL modem for this.
It also will do E-Mail filtering for Exchange.
0
bmkhoiAuthor Commented:
They are quite big, around 400users and have sonicwall have antivirus function anyway , i forgot to add it to my ASK
0
John KratzerCommented:
The TZ210 will handle up to 500 users.

If you need something bigger they have a NSA3500.
It also has antivirus funcitons.

Each item is just a license.
They also have the option of remote assist built in.  Also a secure SSL VPN web portal.

I have several TX210's and on NSA3500 in operation.  Easy management and there support is great.
0
Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

d0ughb0yPresident / CEOCommented:
The SonicWALL solution would probably be the right road for you, but I'd also suggest looking at the Astaro (now Sophos) solution. I'd look at the ASG 320

I wasn't aware that SonicWALL had an antivirus solution, per se. But I know that Sophos has an excellent one, and they've recently bought Astaro.
0
Don S.Commented:
Fortinet makes a fortigate box that competes well with sonicwall as well.  The one thing I have found over the years, though, is to upsize the appliance at least one or two steps above what they "rate" them for - especially when doing AV or other IDS.  All the manufacturers seem to over rate their true throughput performance substantially.
0
Fred MarshallPrincipalCommented:
Juniper Networks SSG series.  
0
bmkhoiAuthor Commented:
About Sonic Wall, Can I prevent some user in Active Directory (Domain Environment) access to another network or Internet .. by USER !?
I read SPEC and saw authentication LDAP but in some devices this authentication just using for VPN.
0
John KratzerCommented:
Yes you can.  You can control by group or by individual.  You can get as granular as you like.
0
bmkhoiAuthor Commented:
do you have any document about this hardware, cause I want to make it sure before suggest to my site
0
bmkhoiAuthor Commented:
one more question, can limit access to Internet like this solution:

--------------------------------------
1. IP 192.168.0.100 allow
2. user A allow *
3. user C allow
4. Deny all
--------------------------------------

* This user is domain user.
Do I have to config to client anything or just IP and Default gateway like normal and just install some agents on Domain Controller !?
And how do they work !?
0
John KratzerCommented:
No config on the client is neccessary.

You can restrict by IP address of user or of a site.
You can allow by any user or any AD group.

You can also deny sites or site types by groups or individual users.
0
bmkhoiAuthor Commented:
so I wonder how sonicwall can authenticate with Domain Controller to restrict user without install agent on DC server :-?
0
d0ughb0yPresident / CEOCommented:
There is an SSO Agent that gets installed on one machine - typically a server - that communicates between the LDAP and AD, for those purposes.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bmkhoiAuthor Commented:
good support guy
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Protocols

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.