Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


MrAlan

98 posts

Master Geek


#86014 29-Jun-2011 16:18
Send private message

Hi guys,
I'm looking at purchasing a hardware firewall to protect our school from hacking attempts as we are going to be hosting some of our own content (website, moodle etc).

I am looking at the Fortigate 111c http://www.fortinet.com/products/fortigate/111C.html
has anyone had any experience with this product or share their experience with any other fortigate product.

I am also open to suggestions on alternative products.

Thanks,
-Alan

Create new topic
 
 
 

Affiliate link: Shop for sports gear at Wiggle.
billgates
4233 posts

Uber Geek

Trusted

  #487483 29-Jun-2011 16:28
Send private message

Juniper, Watchguard and Sonic Wall are other brands that offer hardware firewalls. Juniper is on the more expensive side. The fortigate product you have selected above has nice specs and features. Having a antivirus subscription along with web filtering on the gateway is always a good idea.




Do whatever you want to do man.

  

drou
25 posts

Geek


  #487494 29-Jun-2011 16:53
Send private message

Take a look to a Mikrotik routerboard, you can have a complete control of the network traffic with one of those...They don't have an antivirus integrated but it support layer 7 filtering that can help and they are really cheap compared with Fortigate. It's just another option to consider :)



 
 
 
 


gehenna
6529 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #487498 29-Jun-2011 16:56
Send private message

I know the WatchGuard Fireboxes are very easy to configure and maintain - it's all gui based and it's easy to understand. I think the low end Fireboxes are pretty cheap too - with an annual maintenance/support contract that is renewable.

xpd

xpd
Im a pirate
10740 posts

Uber Geek

Mod Emeritus
Trusted
Lifetime subscriber

  #487528 29-Jun-2011 18:31
Send private message

We use Watchguard Fireboxs at all our offices around the country for security and VPNs. Straight forward to setup and use. Just installed some of the newer XTM's, took a few mins to get head around the new setup but its great :)




XPD^ / DemiseNZ

 

Blog         Free Games        Twitter

 

My TradeMe Goodies

 

Disclaimer - It wasn't me, the dog ate my keyboard, my account was hacked, I was drunk, ALIENS.

 

I Twitch occasionally and take part in Folding@Home


insane
2416 posts

Uber Geek

Trusted
Subscriber

  #487618 30-Jun-2011 00:29
Send private message

If you can stomach the price you can go with Check Point, undoubtedly they have the nicest UI and if needed there are a number of local support partners.

If you have a server lying around you can even get their virtual version (VSX) which allws you to turn any hardware into a firewall.

/I don't work for Check Point, but do manage around a dozen of them and they are pretty sweet devices, only rather expensive thought.

MrAlan

98 posts

Master Geek


  #487800 30-Jun-2011 12:33
Send private message

Thanks for all the responses.

I had also looked at the Watchguard XTM 520 but their $2k a year subscription fee was a bit offputting.

My plan is to use a dual firewall design with the hardware firewall acting as the first point of contact after the router and only allowing traffic to the DMZ followed by a backend firewall allowing only traffic from the DMZ into the internal network.

I have an old HP ML150 G3 which I was planning to install linux on and configure as a backend firewall however now I will look into both Mikrotik RouterOS and Check point VSX to install on that machine instead.

muppet
2291 posts

Uber Geek

Trusted

  #487828 30-Jun-2011 13:23
Send private message

I use Fortigate's in my employment on a regular basis and I've been pretty impressed with them.  Some of the bigger models are a bit more expensive than other options.

We also use Mikrotik's but more for their routing functionality.  We also recommend Mikrotik's to some of our customers.

If you'd like anymore details on how we use the Fortigates (features and their capabilities etc) feel free to PM me queries.




I hate you.


 
 
 
 


Ragnor
8035 posts

Uber Geek

Trusted

  #487962 30-Jun-2011 16:40
Send private message

Hmm about a year ago we got quotes for a new pair of firewalls.. looked at Cisco, Fortigate and Sonicwall they are all pretty good. Checkpoint was too expensive.

In the end we went with Sonicwall's due to the bang for buck factor.


Chippo
78 posts

Master Geek

Trusted

  #488040 30-Jun-2011 20:02
Send private message

The FortiGate 110c (And 111 if you're looking for WAN Optimisation, Caching etc) are fantastic appliances. We (ICONZ) use FortiGate firewalls exclusively for customer firewall deployments.

Are you looking to put a firewall on the end of a Fiber/DSL circuit with just end-users behind it, or is this going into a colocated environment hosting servers?

A FortiGate will do dynamic routing with IPv4 and IPv6 if you're looking at going down a multi-homed or just redundant connectivity path. As with most vendors they do integrated WIFI for your office as well.

The most important thing I do recommend sizing for your needs. What type of circuit, total throughput for the 3-5 year life of the appliance and where you're going to to be physically mounting it are all important. We deploy mostly 60c, 110c and 200b appliances. If you're going to be doing anything "Smart" like AntiVirus/AntiSpam, Data Leak Prevention and Intrusion prevention or load balancing then talking to someone are all important. Feel free to drop me PM off list if you need any advice. 




I work for a global Data Protection Software company - But my opinions are my own.


sidkumar
84 posts

Master Geek


  #489228 4-Jul-2011 16:14
Send private message

MrAlan: Hi guys,
I'm looking at purchasing a hardware firewall to protect our school from hacking attempts as we are going to be hosting some of our own content (website, moodle etc).

I am looking at the Fortigate 111c http://www.fortinet.com/products/fortigate/111C.html
has anyone had any experience with this product or share their experience with any other fortigate product.

I am also open to suggestions on alternative products.

Thanks,
-Alan



If you are thinking of purchasing a firewall, I am sure you would also have considered cost of configuring, managing and updating it as well. Most of the (public) schools have limited funds and would like to keep their operating cost low. In today's world I would rather recommend a good Internet connection, with access to various hosted solutions, which would not be cost prohibitive for small business and not for profit organizations. There are many hidden costs of in-house hosting, most of it around managing it. If you have a strong IT team which manages the entire spectrum of IT, then go for any good firewall, else I would suggest using hosted platform.


PM me if you need any further information or would like to discuss further.


Sid     

networkn
23211 posts

Uber Geek

Trusted
Lifetime subscriber

  #489237 4-Jul-2011 16:22
Send private message

Sonicwall make exceptional devices with the best support I have come across yet. They have everything on them including the content filtering and packet filtering and real time packet inspection etc. 24/7 support. $999 for the TZ100 roughly I think. The Fortinet stuff is great but the support is hard to get (though very competent when you do get through the rigmarole of giving them the info they want).

Zywalls are also excellent in my opinion. We have been selling a LOT of them over the last 10 years.

webwat
2021 posts

Uber Geek

Trusted

  #491501 9-Jul-2011 20:07
Send private message

MrAlan:
I have an old HP ML150 G3 which I was planning to install linux on and configure as a backend firewall however now I will look into both Mikrotik RouterOS and Check point VSX to install on that machine instead.

Maybe a BSD based firewall for your back end? I think pfSense has a pretty good reputation, with "features often only found in expensive commercial firewalls" if an appliance type of distro is suitable. It started in 2004 as a PC-oriented fork of the m0n0wall project.




Time to find a new industry!


Create new topic




News »

Amazon introduces new Echo devices
Posted 25-Sep-2020 11:56


Mad Catz introduces new S.T.R.I.K.E. 13 Mechanical Gaming Keyboard
Posted 25-Sep-2020 11:34


Vodafone NZ upgrades international submarine network
Posted 25-Sep-2020 09:09


Jabra announces wireless noise-cancelling airbuds, upgrade existing model
Posted 24-Sep-2020 14:43


Nokia 3.4 to be available in New Zealand
Posted 24-Sep-2020 14:34


HP announces new HP ENVY laptops aimed at content creators
Posted 24-Sep-2020 14:02


Logitech introduce MX Anywhere 3
Posted 21-Sep-2020 21:17


Countdown unveils contactless shopping with new Scan&Go tech
Posted 21-Sep-2020 09:48


HP unveils new innovations for businesses adapting to rapidly evolving workstyles and workforces
Posted 17-Sep-2020 15:36


GoPro launches new HERO9 Black camera
Posted 17-Sep-2020 09:45


Telecommunications industry launches new 5G Facts website
Posted 17-Sep-2020 07:56


New Zealand ranks 3rd in world in GSMA index
Posted 15-Sep-2020 10:13


Trend Micro Security Suite adds web monitoring to prevent identity theft
Posted 14-Sep-2020 15:37


NVIDIA to acquire Arm for US$ 40 billion
Posted 14-Sep-2020 12:27


Epson launches its next gen A3+ colour EcoTank multi-function printer
Posted 10-Sep-2020 16:08



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.