cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
429
Views
0
Helpful
8
Replies

Firewall/Security Vendor Suggestion

m1xed0s
Spotlight
Spotlight

Hey,

Please bare with me before we start the main content...

First, I would need your suggestion. Especially if you got hand-on experience with the following vendor products.

Second, If you could help list Pros and Cons for the suggested vendor/product, that will be great.

Third, prefer to not to make this to be a hugh feature comparison plus no personal attack plz (u know what would happen if someone saying others are better than Cisco here )

So here is what I need suggestion for: we are solely a Cisco shop when selling firewalls to customer, mainly SMB customers. Now we would like to expand our product offering portofolio on the network security side. So we wont stuck with one product(we had a really bad experience end last year of a particular Cisco product). After some digging, I narrow down to followings:

Checkpoint

fortinet

watchguard

There is a big ISP re-selling juniper firewall here in town. So might not be a good idea to join fight with them...

So what is your suggestion? Maybe there are also other vendors/products I missed? Please keep in mind, our target market is mainly SMB.

Also from certification perspective, the value of the cert from vendor? I had CCSP (now called CCNP Security) but expired in 2010 ...

Thanks,

/S

8 Replies 8

Ed Willson
Level 1
Level 1

I really like the Fortinet stuff. You get an unlocked product, and no nickle and dimeing for licenses. The big downside is that if you turn all the possibe features on it..Very Slow.

Thanks, I never worked on Fortinet stuff before but heard their hardwares are good.

I guess the box will run slow for all UTM if all features are turned on.

Collin Clark
VIP Alumni
VIP Alumni

Checkpoints are solid. The only Enterprise worthy firewall. However since you focus on SMB's, they might be too expensive. Watchguards are junk. Fortinets are OK, Some others I have run into are Sonicwalls and Palo Alto.

After some deep reading online, Checkpoints and Palo Alto are both expensive and yes, you are right, SMB probabaly wont spend money on the fancy firewall. That why we are looking at watchguard...

I worked on couple of watchguards. The old ones are hard and funky to work with; the new ones are better now...

Have you looked at Cisco's SMB firewalls or the low end Enterprise ASA5505? Which one did you have a bad experience with?

http://www.cisco.com/cisco/web/solutions/small_business/products/security/index.html-tab-SecuritySolutions

In my opinion a router with security license almost always fits better than a traditional firewall. Do you always sell with UTM up front?

We are Cisco shop right now for SMB firewalls. So we sell alot ASA.

I had bad experience with ISA550W. The software is buggy and support is slow...we eventually replaced it with 5505 for customer at our cost. I donot think ISA500 series page is still available now on cisco product page though...

I personally would argue that dedicated boxes will always be better than UTM but the market for all-in-one just bigger...

The Cisco Router with Security feature is always more experience than a ASA, isnt it?

IMO UTM is strictly a marketing term. In the real world I have yet to see a device that can do everything. A router is not always more money. For example an ASA5505 with unlimited users is more money than an 891 Security router. A 50 user license with Anyconnect is within a couple of hundred dollars of an 891. If you buy a 10 user count license, then the ASA has a lower cost. The nice thing about routers is that they have such a rich feature set. Features like DMVPN, QoS, AVC, Multicast, GRE, PBR, etc that ASA's can't do. The features in IOS should be an easy sell to the customer.

I would have to agree with you however personal experience is Firewall is the term attracts SMB owners, not router...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: