Hey guys,
Throwing this out there as I have a budget meeting this week and need to get opinions on hardware selection etc.
I'm not the IT manager but work very closely with him but I'm overall in charge of recommending the selection to the company. We're a medium-sized IT consultancy, 70 people maximum at present, that currently use an old out-of-support Juniper firewall/VPN solution which we need to replace to meet our ISO 27001 compliance next year. We're doing this now as it's near financial year so need to build it into the budget for next year.
If you were in the position to select hardware, what would you recommend for a company that uses VPN quite a lot (we have a lot of remote consultants travelling around), which should scale appropriately (probably up to 100-120 concurrent users over the next 3 years) but also allow appropriate logging and interrogation of traffic in the sense of threats, intrusions etc. We don't need IDS as such but we have an in-house solution to do passive network sniffing we can utilise for that part.
So far I've looked at Cisco (up to £50k plus ongoing support costs) so I'm trying to get the best bang for the buck. I've personally got experience with Cisco, CheckPoint as well as WatchGuard but outside of that nada.
The technical director of the company has recommended a failover pair of pfSense appliances however after seeing the abortive usage of our technical consultants, to segregate themselves off from the corporate network, it's certainly not what I'd call "corporate" polished.
Any insight would be helpful. I'm confident that I can get budget for up to £50k IF the recommendation is sound.
I guess the following may help without reading through all my gumpf hehe
* Scales up to 100-120 users;
* Connecting to a 100/100mb synchronous fibre link;
* Should allow interrogation of traffic up to a point (doesn't need DPI);
* Good logging;
* Easy to administer (the IT guy is a bit of a dunce);
* Failover pair;
* VPN client should support all platforms (Windows, Mac, Linux and potentially mobile);
* Site to Site VPN capable (we have two locations in different parts of the UK of which one already uses a Cisco);
* Maximum budget (excluding setup) for a pair of devices.
It's a big ask I know
Cheers for any help
Dino