I have recommended the NetScreen firewalls from Juniper to several people on
campus. I have had success with these products, and good support from the
company. The interface is very usable and clean. Most importantly,
these firewalls were one of the first models that could be used in
transparent mode. Transparent mode puts the firewall in Layer 2 mode, and
the network settings of the computers behind the firewall do not need to
be changed.
I am happy to speak with anyone on campus about pricing for these devices.
If you are interested, please e-mail me at "[log in to unmask]".
Joe
On Tue, Mar 01, 2005 at 08:18:09AM -0500, Paul Donahue wrote:
> Andrew,
>
> I would have to agree with Dennis on this one. I am a huge fan of the NetScreen product line. Here at VMC we deployed 2 NetScreen 500's running in HA mode. This gives us an effective firewall up to 700Mbps, and VPN throughput at around 250Mbps. It is a very nice product however the model we use is significantly more expensive than your department is looking to pay for. The lower end models are much more affordable. The key to picking the right one is in the details Dennis mentioned.
>
> When we first started planning ours we worked with Joe Budzyn at ACNS who was very helpful in helping us design our security plan. There are many options and configuration possibilities with the NetScreen product many of which are still a mystery to me.
>
> I hope this helps.
>
>
>
> Paul Donahue
> Network/Security Manager/Programmer
> CVM Information Technology Center
> A227 VMC, Michigan State University
> Phone: 353-5551 Fax: 432-2937
>
> >>> dpk <[log in to unmask]> 02/28/05 02:24PM >>>
> Mccormack, Andrew wrote:
> > I have about 8 servers in my department that I want to protect using a
> > hardware firewall. The department needs a hardware firewall priced between
> > 700-1000, maybe a little more.
> >
> > Does anyone use a hardware firewall? Which ones do you recommend?
>
> Any other criteria other than price? i.e. number of interfaces,
> interface speed, total throughput, stateful inspection, bridging/routing
> modes, etc.
>
> Ultimately all firewalls are software, but for an "appliance" based
> firewall, I like Juniper's Netscreen products. They have enterprise
> features at a reasonable cost (in comparison to others). For GUI users,
> the administration interface is fairly intuitive and easy to use. I
> prefer the CLI, which works reasonably well.
>
> dpk
|