What enterprise GigE Copper firewall?

You got gig line rate through one?

I am some what confused here. What do you mean by "gig line rate" ?

From memory the Cisco ASA 5510 comes with 2 Gigabit Ethernet and the Cisco ASA 5520 comes with 4 Gigabit Ethernet ports.

Or do you mean VPN Throughput rate?
 
I am some what confused here. What do you mean by "gig line rate" ?

From memory the Cisco ASA 5510 comes with 2 Gigabit Ethernet and the Cisco ASA 5520 comes with 4 Gigabit Ethernet ports.

Or do you mean VPN Throughput rate?

Trust to Untrust (or lan to wan..) can you push 1Gbps? The reason I ask is that while they have gig ports you dont necessarily get gig throughput. Many actually quote things like 450Mbps IMIX.
 
Trust to Untrust (or lan to wan..) can you push 1Gbps? The reason I ask is that while they have gig ports you dont necessarily get gig throughput. Many actually quote things like 450Mbps IMIX.

If you want Firewall throughput at true Gb speed on a 2K budget i think your going to struggle.

Cisco ASA 5550, will do it. However, id hate to think of the cost.

Andy
 
SonicWall NSA 3500 - 6 x GigE ports, 1.5Gbps SPI, 50 x IPSEC VPN & 2 x SSL VPN licenses - RRP £2172 (base firewall) + VAT

SonicWall NSA 2400 - 6 x GigE ports, 775Mbps SPI, 10 x IPSEC VPN & 2 x SSL VPN - RRP £1596 (base firewall) + VAT
 
if it were me i would go the juniper route, purely because im experienced with the kit, and i like it. would probably need to up the budget a tad though. what are you actually doing with this device that requires such performance?!
 
im curious about the sonicwall range... how does the licensing work on a ha pair, do you purchase two fully licensed devices, or do you buy a fully licensed box for your active node and a partially licensed box for your passive node?
 
Yeah, always juniper, though the minimum for line rate GIG is going to be an SSG550 I think...not for 2k though...

You're best bet is likely a SSG320 which I think you'll be able to find in your budget.

In terms of other brands the Cisco ASA is trading on the Cisco name alone, it's not a fantastic bit of kit (not terrible either though). Sonicwall and Watchguard I wouldn't touch with a bargepole. Fortigate is interesting, well priced, very high performance but personally I despise the interface and I don't think it has the enterprise pedigree (with is also my main complaint about the Sonicwall and Watchguard).

You do not need that kind of performance though, my current employer host in the region of 15,000 web facing servers and on the average day outgoing bandwidth is ~6GB/s. I can name only a couple of dozen customers who regularly use more than 100Mbps (and we're talking massively well known websites with load balanced server farms for those)
 
im curious about the sonicwall range... how does the licensing work on a ha pair, do you purchase two fully licensed devices, or do you buy a fully licensed box for your active node and a partially licensed box for your passive node?

On an active/passive HA basis, you buy the primary unit + any security services at "normal" price. The second hardware appliance (+ SonicWall support if you want it) can then be bought with extra discount, at least 50% off list. If the primary unit fails, any security services (eg Gateway AV / IPS / AS) transfer over onto the 2nd unit.

SonicOS 5.5 (in beta) adds the start of active-active HA. Initially it's for UTM, so the primary appliance can offload the resource intenstive UTM scanning work to the secondary appliance. I'm not quite sure how that changes buying an HA pair yet.
 
Back
Top Bottom