I DID spend several hours searching and reading old questions and guides, but I didn't find anything that really answered my questions, so here goes:
Servers: SBS2011 (DHCP & DNS), Win 2008R2 for storage and endpoint, Win SBE2008R2 for workstation backup
Workstations: 30 clients (Win7/8/OSX)
Firewall appliance (current ipCop 2.1.8...failing!)
Email spam/av scanning through Messagelabs cloud (already done before it is relayed to our exchange server)
EDIT: I should add, for RWW we use sharepoint and LOTS of the RDP features.
I am looking at replacing the firewall. I think we are currently using very few features of IpCop. We run external DNS through OpenDNS, we forward port 443 to the SBS2011 box for remote access. We used to use OpenVPN, Copfilter, and Dan's Guardian, but we aren't using any of those features anymore. More recently, we ran a proxy on the internal interface to cache downloads, but even that is disabled.
I just swapped in a "new" hardware box with ipcop, but I'm getting lots of random errors. I'm beginning to think that ipCop is a dying open-source project. A friend recommended I switch to pfsense, but as I start looking at the products out there, I'm wondering if spending up to a few hundred $$ might be worth it (save rack space & energy costs plus time to configure and manage) to invest in basic appliance such as a Sonicwall TZ215/225.
What do I really need? Should I but a Intel NUC, install ipcop/pfsense/ipfire? should I buy one of the more basic Sonicwall/Panda/Barracuda devices? If I do buy one without the VPN licenses, does that mean I can't continue to use the RWW/OWA features of SBS2011?
I'm probably not giving enough information for this, please ask and I'll provide any additional info needed to give me some good advice.