This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG firewall, can't say I'm impressed

Attempted today to swith out the old UTM with XG firewall (home use). Been using this product since Astaro 4.7 (I think), and loved it since day one.

And I can't really say I'm impressed with XG firewall. The GUI is messy while im sure the touch fanboys will love it, personally I hate it.

There don't seem to be a option to see live log. It could be that I didn't look good enough tho.
Country blocking, couldn't get it to work. Don't know if it was even supposed to work.
Specifying FW rules was horrible. I think I actually prefer Windows firewall rule adding to this.

Reporting was powerfull and I can see thats a improved area.

Unfortunatley the XG firewall named Batman was decapitaed and nuked from orbit. Atleast I tried and wanted to like it.

This thread was automatically locked due to age.

Parents

0 JonathanH over 9 years ago

I wouldn't say I wasn't impressed, I did like the modern clean design of the interface. I also really like how much faster XG was to boot and be passing traffic compared to UTM. But...

I've given it a good go, running since RTM. And there have been issues, but in general I've made it past them.

However, I've been chasing some small nuisance problems lately that made me realize it just takes longer to troubleshoot a given problem in XG compared to UTM. In a lot of cases it comes down to one of two things...

1. Inconsistent logging, usually requiring creating your own 'catch all' rule to generate the proper amount of logs.
2. "Real-time" monitoring in XG requires too much scrolling, refreshing, filtering, scrolling and scrolling, to try and catch the information you need to see.

Other things like object based policies and configuration is actually fine to me. That's the way most systems are going with the SDN/SDDC buzzwords passing around. (For example, Cisco ACI is all about things being in/as objects.)

But one of my pet peeves so far in this app is how you reorder policies... seriously, I almost can never "drop" the policy exactly where I wanted it. Again, feeding back into it feeling like it just takes longer to complete a task/troubleshooting effort.

So for now, my XG appliance is powered off waiting on the next release to re-evaluate. UTM is back to being my primary.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 JonathanH over 9 years ago

I wouldn't say I wasn't impressed, I did like the modern clean design of the interface. I also really like how much faster XG was to boot and be passing traffic compared to UTM. But...

I've given it a good go, running since RTM. And there have been issues, but in general I've made it past them.

However, I've been chasing some small nuisance problems lately that made me realize it just takes longer to troubleshoot a given problem in XG compared to UTM. In a lot of cases it comes down to one of two things...

1. Inconsistent logging, usually requiring creating your own 'catch all' rule to generate the proper amount of logs.
2. "Real-time" monitoring in XG requires too much scrolling, refreshing, filtering, scrolling and scrolling, to try and catch the information you need to see.

Other things like object based policies and configuration is actually fine to me. That's the way most systems are going with the SDN/SDDC buzzwords passing around. (For example, Cisco ACI is all about things being in/as objects.)

But one of my pet peeves so far in this app is how you reorder policies... seriously, I almost can never "drop" the policy exactly where I wanted it. Again, feeding back into it feeling like it just takes longer to complete a task/troubleshooting effort.

So for now, my XG appliance is powered off waiting on the next release to re-evaluate. UTM is back to being my primary.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data