Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2680
  • Last Modified:

Juniper SSG5 vs. Sophos UTM 220

We currently have 2 Juniper SSG5's setup in Active/Passover High availabilty setup.  We want to upgrade the devices to get more IPS capabilities and are looking at the Sophos UTM 220 with Network Security license/package.  I know it has HA support as well.

For anyone that has experience with both or with just one and knows about the other, I'd like to find out more information about how these devices compare to each other?  In particular, which one can hanlde more load (it will be used at our Data Center for our web applications. It will not be used for web application  filtering (just yet) or website (http/https) filtering (going out), or email filtering).  Is the management of one better than the other or is there something you like better about one?  Any other info on comparing these 2 devices would be helpful.

Thanks!
0
sliknick1028
Asked:
sliknick1028
  • 2
1 Solution
 
btanExec ConsultantCommented:
I am not a user of those UTM but thought this link can help to sieve further. Note that Sophos bought over AStaro, so I see it as their representative. There is a small table test finding on recovery time, although the actual product is not listed but the criteria to lookout such as clustering and time to recovery are something to ask further from vendor. Importantly, it the proper failover and clustering need to be assure..we cannot expect both being claiming a Node master (become two FW)

http://www.networkworld.com/reviews/2007/111207-utm-firewall-test-high-availability.html?nwwpkg=utm

The argument here is that any performance benefits achieved from an active/active configuration would pale in comparison to the guarantee that when a HA event occurs to an active/passive configuration, you'll still have just as good performance as before the event. Because a typical HA event might be a hardware failure that could take a box out for 24 to 72 hours, having the same performance before and after would be pretty important.

A more comprehensive list here
http://www.networkworld.com/reviews/2007/111207-utm-firewall-test.html
0
 
btanExec ConsultantCommented:
Maybe old but thought just for info on SSG series
http://www.itpro.co.uk/121623/exclusive-juniper-networks-ssg-550-utm-appliance-review

Although there's not an open source utility in sight these security services are pretty much standard across a range of vendors but Juniper's deep inspection capabilities make the SSG family stand out. The appliance benefits from protocol anomaly detection and signature inspection which have been taken from Juniper's IDP platforms. The former compares protocols with their RFC to ensure they conform whilst the latter looks for known attacks in the relevant parts of each packet. For example, signature inspection will look in the control portions of an email for a potential attack but not in the header or message body.
0
 
sliknick1028Author Commented:
Thanks for the info!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now