Litigation? Wow. To answer the OP: Any of the Cisco, Juniper, Sonic, Fortinet, etc can be easy to use to maintain. But I'd make sure you have a good understanding of what you intend to do, and what products will satisfy your needs. Demo's are a good idea. One person's definition of easy may not match someone else's. If you know what you're doing and want to roll your own, then go with what you're most comfortable with (linux, bad, etc). Your subject indicates you aren't comfortable with rolling your own, so there is no point to the side debate going on in this thread. Side point: For what it's worth, I use PF on OpenBSD because I like the clean and easy to read syntax. To me, that is *easier* to use, than trying to figure out some point-click GUI. The take away from this is, "what does ease of use mean to you"? Hope that helps.