Affordable UTM/IPS? - Firewalls

This is a discussion on Affordable UTM/IPS? - Firewalls ; We are a small company that co-lo's currently two 1U servers with a 16 IP Block. We are now doing enough business to justify getting some type of protection in front of our web/database servers (ecommerce) other than just iptables. ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Affordable UTM/IPS?

  1. Affordable UTM/IPS?

    We are a small company that co-lo's currently two 1U servers with a 16
    IP Block. We are now doing enough business to justify getting some
    type of protection in front of our web/database servers (ecommerce)
    other than just iptables.

    In the height of our busy season, we will get close to 4 million hits
    in a month and about 30-40GB of actual data movement over the Internet
    pipe.

    Primary purpose of the box would be to do firewall/IPS activity. Anti-
    Virus scans on inbound mail would be a plus, but not necessary. Same
    with one P2P VPN, but again, not necessary. We do not need all the
    desktop AV, Spyware, etc... features as the box will not be located in
    our office, just in front of our servers.

    Budget is around $1,000 +/- a few bucks. Do not want anything like
    Linksys or Dlink, but at the same time, we are not going to be
    purchasing Cisco ASA's.

    Any input would be appreciated.


  2. Re: Affordable UTM/IPS?

    Xao writes:
    > We are a small company that co-lo's currently two 1U servers with a 16
    > IP Block. We are now doing enough business to justify getting some
    > type of protection in front of our web/database servers (ecommerce)
    > other than just iptables.
    >
    > In the height of our busy season, we will get close to 4 million hits
    > in a month and about 30-40GB of actual data movement over the Internet
    > pipe.
    >
    > Primary purpose of the box would be to do firewall/IPS activity. Anti-
    > Virus scans on inbound mail would be a plus, but not necessary. Same
    > with one P2P VPN, but again, not necessary. We do not need all the
    > desktop AV, Spyware, etc... features as the box will not be located in
    > our office, just in front of our servers.
    >
    > Budget is around $1,000 +/- a few bucks. Do not want anything like
    > Linksys or Dlink, but at the same time, we are not going to be
    > purchasing Cisco ASA's.
    >
    > Any input would be appreciated.


    I've been very impressed with the IBM ISS Proventia Network MFS MX1004
    hits your points, though I don't have a current price on it:

    http://www-935.ibm.com/services/us/i...g/iss/a1027111
    http://www-935.ibm.com/services/us/i...y_brochure.pdf

    Its IPS functionality makes an ASA look positively pedestrian.
    Excellent signature and behavior based AV. Has web filtering if you
    want to use it.

    Best Regards,
    --
    Todd H.
    http://www.toddh.net/

  3. Re: Affordable UTM/IPS?

    Yeah, at almost $15k, I would be impressed too. Sorry that's out
    of our price range.

    I just came across the SonicWall PRO 1260. Looks intriguing with the
    built in switch, which would be perfect in our co-lo cabinet. Anyone
    have any experience with it?


    On Sep 20, 2:42*pm, comph...@toddh.net (Todd H.) wrote:
    >
    > I've been very impressed with the IBM ISS Proventia Network MFS MX1004
    > hits your points, though I don't have a current price on it:
    >
    > * *http://www-935.ibm.com/services/us/i...g/iss/a1027111
    > * *http://www-935.ibm.com/services/us/i...n_security_bro...
    >
    > Its IPS functionality makes an ASA look positively pedestrian.
    > Excellent signature and behavior based AV. *Has web filtering if you
    > want to use it. *
    >
    > Best Regards,
    > --
    > Todd H.http://www.toddh.net/



  4. Re: Affordable UTM/IPS?

    Xao writes:

    > Yeah, at almost $15k, I would be impressed too. Sorry that's out
    > of our price range.


    Fortunately you're quite mistaken. The MX1004 is about $1500 or less
    depending on the discount you manage. The price you quote sounds like
    Proventia G class stuff. The signatures are identical in these
    MX1004's though, and for your speed needs, they'll handle it tidily.

    Recent review:
    http://www.scmagazineus.com/IBMs-Pro...4/Review/2351/




    > On Sep 20, 2:42*pm, comph...@toddh.net (Todd H.) wrote:
    >>
    >> I've been very impressed with the IBM ISS Proventia Network MFS MX1004
    >> hits your points, though I don't have a current price on it:
    >>
    >> * *http://www-935.ibm.com/services/us/i...g/iss/a1027111
    >> * *http://www-935.ibm.com/services/us/i...n_security_bro...
    >>
    >> Its IPS functionality makes an ASA look positively pedestrian.
    >> Excellent signature and behavior based AV. *Has web filtering if you
    >> want to use it. *
    >>
    >> Best Regards,
    >> --
    >> Todd H.http://www.toddh.net/

    >


    --
    Todd H.
    http://www.toddh.net/

  5. Re: Affordable UTM/IPS?

    I recommend either the Juniper SSG or Check Point safe@office
    appliance. Outta the two the safe@ is the best value for mine. For
    under $1000 you will be able to handle up to 190/35 Mbps + AV
    inspection. For more info see this link

    http://www.sofaware.com/general.aspx...=152&objID=184

    I would buy from either Dimension Data or IBM, Both are global CP
    partners and get the best buy price.

    Cheers,
    Luke

+ Reply to Thread