Solved

Which Gui-Based firewall should I purchase for my new Comcast Business Internet (5 Static IPs)?

Posted on 2014-09-09
16
274 Views
Last Modified: 2014-09-17
I am Sr. Exchange Engineer and am setting up a lab (or two) in my home.  I ordered Comcast Business Class Internet which includes 5 static IP addresses.   I understand networking, NAT'ing, port-forwarding etc... enough to request it of our networking team so my projects can move forward ;-)  However, I will leave the command line interfaces to you networking gurus.  

I am looking for a reasonably-priced, relatively easy to configure GUI-Based Firewall with decent features.
I do not know where the balance between price and features sit.  I have heard that chicks dig sonicWALL but I am completely open to suggestions.  

Obviously, the firewall must allow me to NAT/port-forward all 5 static IP's to different hosts/ports.  Features beyond that?  I am not sure, so I turn to you folks to let me know.  Is $200 maximum (new/used) completely ridiculous?  If I need to spend more - I will.  I have the internet on its way first of next week.  I am in North Atlanta so I am open to your suggestions via any bricks & mortar, online shop (ebay etc..) or Atlanta craigslist http://atlanta.craigslist.org/sss/

Thank you so much for your time in advance!

KB
0
Comment
Question by:K B
  • 6
  • 5
  • 4
  • +1
16 Comments
 
LVL 9

Expert Comment

by:nattygreg
ID: 40313362
comodo or avast
0
 
LVL 5

Author Comment

by:K B
ID: 40313369
Thank you for your reply.  
I am looking for a hardware-based solution.
I am also looking for specific recommendations (model number).
Maybe a little bit about why I should purchase that particular device.
There is a chance I will implement Microsoft's TMG in the DMZ as well.
Thanks again!

KB
0
 
LVL 11

Expert Comment

by:Bryant Schaper
ID: 40313468
Cisco ASA, maybe $600 you could find used.  They are widely used so your internet level of support is much higher.

Sonicwalls are nice, kind of think of them as small business.  Juniper SSG/SRX you may be able to find cheap as well, but they are a different beast and I have had trouble finding great support/assistance with them even from the VAR.  They always had to Call Juniper support.

I think with an ASA you will be happy for a long time, but others may be lacking if you want to really learn the networking side more.

What is your goal?
0
 
LVL 5

Author Comment

by:K B
ID: 40313481
Thank you for your reply!
I definitely do not want to learn networking - this is so I can sharpen my server skills only.  
I need something that is easy and GUI-Based.  
I do not want to dedicate more than 1 day getting this thing up and running.
So when you say small-business that sounds great - whatever will meet the needs of what I described.
Ultimately, I have no idea what I am looking for - I just know the minimum features I need and look to you to tell me what else will come in handy down the road (including which device you recommend).  So I am not kicking myself for one or two features that I should I have invested in to begin with.  
What I know now is that I need to be able to use 5 IP addresses at once and port forward/NAT.  
Perhaps a DMZ feature, as I want to run a Microsoft TMG server in my lab.  

What else do I need?
I am sure you guys know.  
To summarize, I do not want to learn networking and I need a GUI.  
This is just for a server-lab and I apologize if I did not make that clear earlier.

Thanks again!

KB
0
 
LVL 11

Accepted Solution

by:
Bryant Schaper earned 300 total points
ID: 40313503
Kind of what I thought, Sonicwalls are easy probably just a TZ105 will do it.

I again lean to Cisco, but I say that because of the amount of online community support, and they do have guis now.

NAT/Port forwarding could be accomplished on a router too, lose the firewall feature set sense you don't want to configure anyways.  Security hole yes, but it is a lab.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40317305
I agree with the Sonicwall TZ105. You can get this with a one years CGSS subscription for $357.

http://www.sonicguard.com/TZ105.asp
0
 
LVL 5

Author Comment

by:K B
ID: 40317576
I notice that there is no gigabit support on the TZ-105... Is that a problem?
I suppose I would need a gigabit switch to hang off it?  I suppose the internet speeds dont need the gigabit but my LAN does.  

Any other features i need?
Comparison chart
0
 
LVL 11

Expert Comment

by:Bryant Schaper
ID: 40317610
You could upgrade to the 205, might only be a bit more than a gigabit switch addon unless you have one already.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 20

Assisted Solution

by:carlmd
carlmd earned 200 total points
ID: 40318927
To upgrade to a TZ205 with one year CGSS subscription would cost you $664. For the $307 difference you could certainly get a gigabyte switch. An unmanaged 5 port is $35 at Amazon, with other options for not much more.

http://www.amazon.com/NETGEAR-ProSafe-Gigabit-Ethernet-Desktop/dp/B0000BVYT3/ref=sr_1_1/183-2697061-4859915?s=electronics&ie=UTF8&qid=1410514572&sr=1-1&keywords=switch+gigabit+5+port

If the throughput of the TZ105 is not an issue I would stick with that and the switch. If it is, got with the TZ205 which has a 150% improvement.
0
 
LVL 11

Expert Comment

by:Bryant Schaper
ID: 40319689
I guess you would have to decide if you need to CGSS
0
 
LVL 5

Author Closing Comment

by:K B
ID: 40323242
Purchased the TZ 105 on Ebay, new for $218 (w/ free shipping)

Thank you for the direction.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40325197
Hopefully you got the subscriptions with that purchase. Typically referred to as TotalSecure
0
 
LVL 5

Author Comment

by:K B
ID: 40325211
This is just a home lab. I cannot afford the support contract with all the other stuff I am having to buy for the lab.
Is it not easy enough to configure on my own?  What will I lose by not purchasing that?
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40325268
Look at the following to see what is included:

http://www.sonicguard.com/Comprehensive-Gateway-Security-Suite.asp

Without the basic subscriptions your TZ105 will only allow you to create access rules, but will not do any of the other security services, and not have hardware support.

Alternately you can buy just the gateway services (Gateway Anti-Malware, Intrusion Prevention and Application Control) for about $87 for one year. This does not include hardware service or firmware updates.
0
 
LVL 5

Author Comment

by:K B
ID: 40325286
Will I be able to NAT and port forward 5 static IP addresses to internal private addresses without the basic?
I do not need anything fancy.  
Though this is good information to know as my sister is looking for home-business VPN solution.  I might point her in the direction you recommend.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40327605
Yes.

But keep in mind that without the security services active on the Sonicwall it will be nothing more then a fancy router.

Note that your TZ105 includes one SSLVPN license that you could use if needed.
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
Read about achieving the basic levels of HRIS security in the workplace.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now