Thursday, July 17, 2008

Which Firewall is the Best?

Ughh, this is always the first question a new customer asks me. Is there a correct answer to this? Most of the other SMB consulting guys will push them to whatever they make the most money on, whether it's right for the customer or not.

My answer is always the same: there is no best overall. It is what is best for you. I have seen customers go from a Cisco PIX HA setup to a WatchGuard setup and the WatchGuard completely brings down their network. They had to completely redo their IP setup due to the fact that WatchGuard will only let you port forward from external ports. This customer would have been much better served with a more enterprise-level product, but due to the owner of the company I was working for, they didn't offer anything like that.

There are 4 models I generally stick to, and they can cover 99.99999% of customers I encounter: Check Point, Cisco ASA, NetScreen and IBM Proventia. The following features are generally what I evaluate them on.

1. Port Density
2. Scalability
3. Routing
4. IPS**
5. Features
6. Price
7. Management Platform
8. Updates
9. Maintenance Cost
10. VPN Capabilities

Unless the customer is selecting the IBM Proventia M firewall, I always recommend a separate IPS. The Proventia M uses the same engine as their enterprise-level G IPS.
