Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


BTR

BTR

1527 posts

Uber Geek


#127196 2-Aug-2013 11:15
Send private message

HI Everyone

I am looking at options to replace a Sonicwall Firewall. This is to be used in an education environment and will need to provide content filtering and VPN access. The school has 3 full time IT staff so wants a solution that they can manage rather than something managed by someone else.

I have looked at the below brands


Palo Alto
Barracuda
Cisco Meraki




Feel free to give your recommendations

Create new topic
Inphinity
2780 posts

Uber Geek


  #870571 2-Aug-2013 11:26
Send private message

Without having any idea of the competency of the "3 full time IT staff", it's hard to recommend something they can manage. Something like a Cisco ASA 5500-series with a CSC module would be great, but might be over the top for your implementation.

What sort of throughput does it need to handle? How many concurrent VPN sessions? What are your reasons for moving away from your current solution?



Ragnor
8218 posts

Uber Geek

Trusted

  #870903 2-Aug-2013 18:35
Send private message

Why don't they take over management of the Sonicwall themselves?

chevrolux
4962 posts

Uber Geek
Inactive user


  #871015 2-Aug-2013 22:36
Send private message

What's wrong with the Sonicwall? Perhaps just an upgrade.

Sonicwall even have software available specifically for the purpose of BYOD and content filtering. Pretty much aimed at schools. By no means cheap but bloody flash software.



insane
3236 posts

Uber Geek

ID Verified
Trusted

  #871028 2-Aug-2013 23:35
Send private message

BTR: HI Everyone

I am looking at options to replace a Sonicwall Firewall. This is to be used in an education environment and will need to provide content filtering and VPN access. The school has 3 full time IT staff so wants a solution that they can manage rather than something managed by someone else.

I have looked at the below brands


Palo Alto
Barracuda
Cisco Meraki

Feel free to give your recommendations


I've just been through a firewall selection process for a service provider to replace a set of Check Points, which cost a fortune to run and have several limitations for SPs, and found the PA's nice to manage, although maybe not quite as easy to use as the Check Points with Provider-1, but they do tick all the boxes for a school environment. Just be prepared to empty your wallet like Kristen School did for theirs.

When it came to the Cisco offering everything we needed was 'we'll support that at a later date/next release', and their management GUI ASDM? was clunky in comparison, but perhaps OK for a limited ruleset or those who will only touch the CLI.

I never looked at Barracuda, however Fortinet's certainly come in at the right price and offer a great feature set. Management again isn't quite as good as the other, but it's getting better with every release. Would be worth your while giving them a look into.

Is there a pressing reason to drop the Sonicwalls or just scared Dell will destroy what was a good product?



raytaylor
4014 posts

Uber Geek

Trusted

  #871274 3-Aug-2013 17:17
Send private message

I use Kerio Control software program at a few companies for internet monitoring.

They have a firewall system, and walled garden that will integrate into your school active directory system with bandwidth accounting.

So basically when a user connects to the internet, they are asked for their windows username/password. Internet explorer will supply it automatically if the user is logged onto a school computer on the domain. SO this means you can easily just add open hotspots around the school for the kids to connect to, and the walled garden will pop up on their own devices asking them to login.

The firewall does its job

It has detailed usage monitoring - you can print off reports of large file downloads, websites visited etc

Set daily, weekly or monthly bandwidth limits per user. Eg. After 500 megabytes per day they get put into a slow user pool, that might share 1 megabit, or be cut off from the internet until the next rollover.

They have an active url based blocking system - that also has a category for proxies.
The url based system doesnt scan pages for bad words- it sends the URL to kerio's servers and a real person will check the website, classify it, and then put it into the database for future lookups.
So using it, you can block facebook, and websites that proxy facebook.
If a website is unclassified (not likley considering there are thousands using the system) then it will get classified within hours and you can choose to block it based on the category that the website fits into.

Oh it also has a built in antivirus system for http and ftp traffic.

It is licensed by per active user. So only people actually using the internet are counted as active users. You can set the timeout to be 1 hour so kids that are not in computer class at the specific time of the day wont count towards the license count.






Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here


BTR

BTR

1527 posts

Uber Geek


  #871411 3-Aug-2013 21:49
Send private message

The 3 IT staff are all fully competent and Sonicwall certified as well as other various industry and hardware certifications. The reason they are looking at moving away is the appliance has never worked properly from the start and there are now more issues. Some examples are.


* HTTPS websites are only intermitantly filtered. Some times forbidden sites are blocked and sometimes you can access them. (This fault has been there from the start)

* New firmware has now killed the forbidden URL list in the students content filtering policy and the result is students can now access all websites that were previously blocked. (Firmware was only upgraded two weeks ago)

* The appliance has now developed a fault that causes it to reboot every 2-3 minutes therefore internet has now become unusable (This only happened on Friday)


Also since the company has been acquired by Dell support has gone down hill.

Long story short a school needs rock solid content filtering and Sonicwall can't seem to provide that so they would like to get something else.

Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.