<div>
Cisco RV345 VPN router (900 mbits/sec internal throughput) and is under $500.<br />
<br />
Juniper SSG or comparable is better but over $500. We use these at our clients and they will fulfil you need. The Cisco might, the Juniper will.
</div>


<div>
Thank you. Does the Cisco one have an installable Linux VPN client software or the user will have to mess with IPsec ?
</div>


<div>
I use the firmware on both Cisco RV and Juniper as supplied. They are not traditionally programmable machines and have GUI interfaces to set up IPsec tunnels. Cisco is easy, Juniper is more structured and picky.
</div>


<div>
Sorry, I think you did not understand my question. I meant, if the VPN feature is fully configured on the appliance, and the client with windows machines are able to connect to it, how difficult to setup the proper VPN connection on a Linux machine?
</div>


<div>
I just use the interface on the machines I have - simpler in the long run.
</div>


<div>
Blue Street Tech,<br />
Thank you for the detailed answer. The tough security is not a highest priority. But I need to be sure that the users with Linux boxes at their homes could easily connect to the device.
</div>


<div>
It is pretty straightforward and automated. The Virtual Office portal now provides seamless NetExtender installation, connection, and upgrading of Mac and Linux NetExtender clients. A NetExtender RPM package is available for installation on Linux. Just instruct your user base to browse to your public IP/4433 and the client will download and configure once they have put in their credentials.<br />
<br />
If you wanted to perform this manually you can by following these steps:<br />
<br />
NOTE: Super user rights are required to install this software on a Linux OS.<br />
<br />
To obtain a Netextender file for your Linux OS: <br />

<div class="indent">
1. Connect to your mysonicwall.com account at <a href="http://www.mysonicwall.com" rel="ugc">http://www.mysonicwall.com</a>.<br />
2. Click on Download on the left pane, select the Free Downloads <br />
3. Select the NetExtender on Software Type Drop down.<br />
4. Click on the NetExtender client link to download the latest version ( Choose the right package RPM 64/32 bit or TGZ 32bit/64bit )<br />
Note: You can access previous versions by clicking on the “Additional Software Versions” link<br />
5. Save the new NetExtender client file to a directory on your management computer.
</div>
<br />
You're done!<br />
<br />
My previous question about being serious about security was a little rhetorical; we are far beyond the days when security was optional (and some would rightly argue it never was an option); strong security is a necessity. :)
</div>


<div>
Thank you all, TZ300 looks good. That's funny, but I cannot find where can I buy it....
</div>


<div>
Here you go. &nbsp;The price is a bit higher than $484 though, but not by much.<br />
<br />
<a href="http://www.dell.com/en-us/work/shop/dell-sonicwall-tz300/apd/a9714056/software" rel="ugc">http://www.dell.com/en-us/work/shop/dell-sonicwall-tz300/apd/a9714056/software</a><br />
<br />
Be sure to purchase from a reputable vendor and avoid &quot;grey market&quot; items. &nbsp;If they are grey market, you cannot register them and they are not eligible for upgrades.
</div>


<div>
Thank you very much! I have ordered a TZ300 at DELL. It is frustrating though, they need more than a month to fulfill the order. :( &nbsp;I should search somewhere else before I buy, but it is too late now.<br />
Thanks again and have a happy thanksgiving!
</div>


<div>
<div class="content wysiwyg-content">
It should satisfy the following conditions:<br />
1. Capable of 75Mbs bandwidth <br />
2. Up to 25 users<br />
3. Its VPN client must flawlessly work on all client machines including Linux and all modern Windows versions.<br />
4. Costs less that $500<br />
<br />
Currently we use a Sonicwall TZ170, its maximum bandwidth is just 25Mbs
</div>
</div>


It should satisfy the following conditions:
1. Capable of 75Mbs bandwidth 
2. Up to 25 users
3. Its VPN client must flawlessly work on all client machines including Linux and all modern Windows versions.
4. Costs less that $500

Currently we use a Sonicwall TZ170, its maximum bandwidth is just 25Mbs

Please recommend a Firewall+VPN appliance

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Routers

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

Networking

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Networking hardware includes the physical devices facilitating the use of a computer network. Typically, networking hardware includes gateways, routers, network bridges, modems, wireless access points, networking cables, line drivers, switches, hubs, and repeaters. But it also includes hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, ISDN terminal adapters and other related hardware.

Networking Hardware-Other

Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite.

Internet Protocol Security

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.

SSL / HTTPS

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.

Network Management

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.