On 9-11-2011 0:06, Jones, Barry wrote:
Hello all. I am potentially looking at firewall products and wanted suggestions as to the easiest firewalls to install, configure and maintain? I have a few small networks ( 50 nodes at one site, 50 odd at another, and maybe 20 at another. I have worked with Cisco Pix, ASA, Netscreen, and Checkpoint (Nokia), and each have strong and not as strong features for ease of use. Like everyone, I'm resource challenged and need an easy solution to stand up and operate.
I am biased because I am a pfSense developer. pfSense is a free open source FreeBSD based firewall with the pf packet filter. http://www.pfsense.org It supports various features and installable packages that might fill your needs. Commercial support is also available. One of the reasons I use it at work is because it is by far the cheapest solution to gigabit redundant (Active/Passive) firewalls. It runs on x86 machines from the low end PCengines.ch Alix 2D3 to something like a dual core Intel Atom for or the higher end on a "normal" server. It is administered entirely via the webUI, saves the config in a XML file you can backup and then restore on pretty much any other hardware you have around should it need to be replaced. The (readable) XML file was also really easy to provision things like hundreds of VPN tunnels instead of clicking through the UI. The PHP command interface allows you to perform scripting operations on the XML as well which comes in handy on mass mutations. Kind regards, Seth