It really depends on what constraints you have. Do you care about: cost? performance? support? Personally, for cost-constrained applications of 1 Gbit/s or less (assuming modestly-sized packets, not all-DNS for example), I like OpenBSD/pf or Linux/netfilter and generic x86 64-bit servers. It's cheap, deeply customizable and since everything touches a CPU, it allows for deep traffic inspection. The tradeoff is that there's no support from major vendors, but there are many smaller but very experienced consulting shops that can integrate any patches and fix and issues that may arise. What kinds of things are you looking for? Cheers, jof On Tue, Nov 8, 2011 at 3:06 PM, Jones, Barry <BEJones@semprautilities.com> wrote:
Hello all. I am potentially looking at firewall products and wanted suggestions as to the easiest firewalls to install, configure and maintain? I have a few small networks ( 50 nodes at one site, 50 odd at another, and maybe 20 at another. I have worked with Cisco Pix, ASA, Netscreen, and Checkpoint (Nokia), and each have strong and not as strong features for ease of use. Like everyone, I'm resource challenged and need an easy solution to stand up and operate.
Feel free to ping me offline - and thank you for the assistance.
---------------------------------------- Barry Jones - CISSP GSNA Project Manager II Sempra Energy Utilities (760) 271-6822
P please don't print this e-mail unless you really need to. ----------------------------------------