Firewall recommendation

Hello,

We are looking for a all-in-one firewall box with the following functions. Anyone have any recommendations:

- Good standard >100 mbit WAN firewall throughput
- SSL VPN portal style built in, support for mac and pc. a so called clientless solution, user logs in with AD account and should either be able to start a RDP session or a vpn tunnel
- support for pc and mac required for the above vpn function
- If possible the firewall should support two separate LANs on the inside, and support bandwithcontrol for each LAN (split the internet speed between two supported LANs behind the firewall with different ip subnets).

Any recommendations amongst the well known brands?

thanks,
joe
LVL 1
joebilekAsked:
Who is Participating?
 
Rob KnightConnect With a Mentor ConsultantCommented:
Hi,

I believe that a Cisco ASA 5512-X would fit the bill.

It has 6 Gigabit interfaces, 500Mbps real-world firewall throughput, SSL as well as DTLS, IPSEC, L2TP VPNs, supports VPN portals and has QOS for bandwidth control.

AnyConnect Windows and MAC clients available for VPN termination using IPSEC (250 peers out of the box) - use AnyConnect Essentials.

AnyConnect Premium licences are required to unlock full SSL features including portal etc. Available in ranges of licences (has 2 concurrent SSL bundled) for upgrading to 10, 25, 50 etc.

More information here:

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html 

Regards,


RobMobility.
0
 
Tony GiangrecoCommented:
Try the Cisco small business Firewall SA520. We use them and they work very well. Cisco support has been excellent on it.
0
 
joebilekAuthor Commented:
Thanks. Do you know if it supports both the vpn and bandwith control scenarios?
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
joebilekAuthor Commented:
should mention we need the SSL VPN tunnels to be at approx 5 concurrent from start, with option to grow.
0
 
Tony GiangrecoCommented:
0
 
joebilekAuthor Commented:
Thanks, it does not however seem to support LAN port bandwidth control for what I can see.
0
 
joebilekAuthor Commented:
Thanks! Is there any cheaper model that has anyconnect premium and QoS such as this one?

ASA 5505 series does not?

Joe
0
 
Rob KnightConsultantCommented:
Hi,

I don't think the 5505 does but a 5510 might:

http://www.ebay.co.uk/itm/NEW-SEALED-Cisco-ASA5510-SSL50-K9-ASA-5510-SSL-IPsec-VPN-Adaptive-Security-App-/120993649941?pt=US_Firewall_VPN_Devices&hash=item1c2bc89515

That includes 100 SSL licences - best to contact the vendor to make sure that one does everything you need it to.

Regards,


RobMobility.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.