| Brett Taylor on 11 Aug 2014 12:33:54 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Network gateway solution for small business? |
As much as I love DD-WRT, pfSense, monowall, and custom ipfw/natd configs, I’d suggest going with something that has legit service contracts behind it. I always heard good things about Astaro but I haven’t really heard much since they became Sophos. Either way, they still look like a decent option worth exploring further: http://www.sophos.com/en-us/products/next-gen-firewall/tech-specs.aspx I’m assuming these would be cheaper than a Sonicwall equivalent, and just as capable. Brett On Aug 11, 2014, at 3:03 PM, Greg Helledy <gregsonh@gra-inc.com> wrote: > We have an office with about 20 employees. We currently use a PC with a Windows-based application to handle connecting our LAN to the internet. The hardware and software/OS install are both aging and reliability is declining, which is proving to be a problem. > > The solutions I see are: > 1. buy a new PC and do a fresh install of the OS and application (both of which we already have licenses for) > 2. buy a new PC and install an OSS alternative (pfSense?) > 3. buy a dedicated gateway/router/firewall appliance > > We are leaning towards 3. for a few reasons: > > a. the router will be easier to maintain, take up less space, produce less noise and heat, and consume less electricity than a PC > b. it looks like we can get a small business-class router for around (~$500) the price of a basic PC > c. we can get an appliance that does out-of-the-box the things we care about, and don't need the additional flexibility that a PC would provide. > > The things we need are: > *gateway with firewall that can be configured to do port forwarding of incoming connections > *ability to handle 2 WANs simultaneously. We have service from two providers, for redundancy. We don't need any complex traffic shaping/load balancing, just need traffic to go to ISP B when ISP A is down. > *DHCP that can assign fixed IPs to networked machines by MAC > *antivirus scanning of traffic, to protect the Windows-based machines on the LAN > *a built-in wireless access point would be nice, but is not necessary (we can just plug something in). > > I have started doing some research but surprisingly, flaky firmware seems to be a frequent user complaint even in this class of device. I love my tomato router at home but we need to stick with factory firmware for this application. If anyone has a recommendation, please send it my way. Thanks in advance, and sorry for the interruption. > > -- > Greg Helledy > GRA, Incorporated > P: +1 215-884-7500 > F: +1 215-884-1385 > www.gra.aero > > -- NOTICE - This communication may contain confidential and privileged > information that is for the sole use of the intended recipient. Any > viewing, copying of distribution of, or reliance on this message by > unintended recipients is strictly prohibited. If you have received this > message in error, please notify us immediately by replying to the > message and deleting it from your computer. > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > > -- > This email was Anti Virus checked by Astaro Security Gateway. http://www.sophos.com ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug