Mark Minasi's Tech Forum
Register Calendar Latest Topics Chat
 
 
 


Reply
  Author   Comment  
DM-AVAL

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 71
Reply with quote  #1 
I've been looking at a perimeter firewall and having some experience with Cisco, am considering an ASA 5506 "with FirePower Services" (so apparently all the IDS, AMP and Url filtering).

It looks like, unlike some other solutions, you also have to purchase the "FireSIGHT management center" for a complete and usable implementation.

Fortunately, it looks like this management center can a a virtual appliance and run in VMware/Hyper-V.

But how many separate components are we looking at then?

- ASA 5506 appliance (physical)
- FirePower license (separate - adverstising almost makes it sound like it is included with the above)
- FireSight management center (can be virtualized).

Does that look right?

Thanks!
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 825
Reply with quote  #2 
You may find marketing mentions Hyper-V but production needs VMware.
AMP/ Umbrella is a resale of OpenDNS (which is brilliant) with some Scansafe bundled in (Scansafe support excellent, Cisco support for Scansafe....ok dude, when you want the pizza)

As to all the rest, can't help you.

Have you looked at Palo Alto or Fortinet?
Asking more than suggesting.

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
DM-AVAL

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 71
Reply with quote  #3 
I've looked at CheckPoint and Fortinet.

Does Palo Alto have a SOHO firewall?

I'm looking at something *well* under $1000 / 850 euros.

Cisco is a choice, beyond the merits/shortcomings of the product itself, because of their market share: being handy with Cisco switches, firewalls, etc., while not my specialty, can be a plus. Of course, knowledge of any one of the main networking vendor's equipment could be useful, depending on what they use at your organisation, or where you want to work.

And I do understand that the *total* package of what I'm contemplating in my original post probably would exceed $1000.

0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 825
Reply with quote  #4 
Sonicwall TZ300

Does it all you need.
No CLI but good and solid. Decent support as well.

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.