Watchguard Firewall that can be authenticated by Active Directory

I want to implement a watchguard firewall as i want to be able to control what users can access depending on their logon username through active directory, can you recommend the best model? I'd also like it to be able support a single tier DMZ.
Daniel ForresterDirectorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
WatchGuard XTM in this comparison matrix is useful, key consideration is the no of Authenticated users limit (and any remote VPN for users too) and throughput (watch for your ISP subscribed speed as well since the channel is dependent on it for external traffic)
http://www.watchguard.com/docs/datasheet/wg_product_matrix.pdf 

WatchGuard System Manager, Fireware XTM OS, and WatchGuard Server Center can be considered.
https://www.watchguard.com/docs/brochure/wg_wsm_overview.pdf

WG can use AD or your existing RADIUS to AD. You can create firewall polices to give users and groups access to specified network resources. E.g.  use Firebox authentication over port 4100, account privileges can be based on user name. And authenticate to the AD or third-party authentication servers are based on the security group membership of the user.
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/authentication/active_directory_about_c.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Daniel ForresterDirectorAuthor Commented:
What about creating a single tier DMZ?
0
btanExec ConsultantCommented:
just a matter of configuration of network objects, just two simple use case that you can catch more
Set Up a Public Web Server Behind an XTM Device - http://www.watchguard.com/help/configuration-examples/snat_web_server_configuration_example_(en-US).pdf
Use Public IP Addresses Behind an XTM Device - http://www.watchguard.com/help/configuration-examples/public_IP_behind_XTM_configuration_example_(en-US).pdf
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.