The UTM Thread

Caged · 10 Jun 2014 at 00:21

It's time to discuss this particular buzzword. For people wanting a brief overview, UTM generally implies a product with features a step above a pure router or firewall - generally it will be a single-box solution that can handle QoS, VPN (client and site-to-site), web filtering, AV, etc., on top of the standard NAT/routing duties. A few devices are popping up aimed at the small to medium size business end of the market that also include wireless controllers but it's incredibly rare that anybody who is good at UTM boxes can also produce a decent AP - the only exception to this rule is Meraki, but that's not really a system where the appliance is also a wireless controller.

My experience lies mainly with Sonicwall and Meraki, neither of which I'm hugely happy with. The Meraki MX series are great until you start scratching the surface, and firewall rules quickly become unmanageable, and they really struggle to keep their documentation up to date with the product. I've heard good things about the new Sophos/Astaro boxes as well but not had a chance to use one yet. Hopefully the UI demo site doesn't do it justice.

Anybody got any Juniper experience?

Caged · 10 Jun 2014 at 10:25

#Chri5# said:
What are your negatives on SonicWall?

I work for a SonicWall reseller, so obviously like them but I'm not blind for some of the shortcomings and foibles they have.

We've never really used the SonicWall APs, though I am currently reviewing our choice of AP (and associated management). Plenty of choice to say the least!

I really dislike the granularity of the feature licensing approach of the Sonicwalls, when features that would generally go hand-in-hand are separate licensable features. That and the UI is pretty bad all things considered - it's powerful but the developers haven't quite worked out how to expose that power in a nice way. I've not tried the 5.9x firmware track yet but from what I've heard it's an attempt at a UI update but it's a mess of Dell and Sonicwall branding at the moment.

Little things like rules opening in a popup window, but reusing that same window so it's impossible to compare two side-by-side get really irritating.

Sonicpoints are terrible as well.

Caged · 17 Jun 2014 at 01:10

neil_g said:
Sophos took over the Astaro range.

Their APs are actually very good, been running them for several months now.

They top out at a 2 spatial stream dual-band n with inflexible mounting options and a requirement for PoE+, it doesn't look like they are taking that product range seriously at all.

Caged · 23 Jun 2014 at 20:51

See if Softcat do the hardware or if they are just a software partner. They are great at everything else so I don't see why they wouldn't also be good for hardware.