
Next best UTM product recommendations?

We have begun our corporate search for the next great UTM product.


With the writing on the wall for the UTM series going EOL in the next few years, I was wondering what other firewalls people have had good experience with?  We will be replacing our ageing 525 HA cluster but also need to select a product we use for our customers.   We like to eat our own dog food before we ask our customers to purchase our recommended firewalls.

So, what's out there? We have tried the SonicWALLs and they use the same per-policy paradigm crap used by the SophosFS/Cyberoam.


We need a solution that scales from SMB up to the enterprise space.  And home based usage would be a bonus too.

Ideas?




[locked by: Scott_Klassen at 10:50 AM (GMT 0) on 16 Jan 2016]
  • Does anyone know if WatchGuard pricing is comparable to UTM FullGuard?
  • "It would be interesting why Sophos bought Cyberoam when they already had the Astaro platform. Somewhere someone thought Astaro was a dead-end and the Cyberoam train is now full steam ahead."

    I think that possibly all of the knowledgeable original makers from Astaro simply left the boat. That also clearly answers why there was the urge to buy a new product (agreed, a bad one). I'm wondering if Sophos sees the hit on their sales numbers already; I do think so... A very bad move, honestly. I've already had some doubts about the endpoint code (which, if I'm correct, was/is a pure Sophos dev: https://lock.cmpxchg8b.com/sophail.pdf), which I've moved away from, though now there's not much left to keep me here. Well, life is change, my future is elsewhere, though as said I'm sad about this because I've been a firm endorser of the Astaro technology... ahh well, move on...

    As for the WatchGuard pricing, I ain't got no clue. I'm currently playing with their XTMv appliance (with no licenses yet...), it looks neat...

  • I have a client with two of them...trust me..don't.
  • I've been a huge fan of the UTM for awhile. I like that the same platform I'm running at work and other SMB companies is the same at my home. Power customization and controls are a huge win. I've turned some other IT friends on to it as well. I'm a little discouraged now with everything I read. Also, with the forums now gone and the "community" pages really lacking and not very active it seems like having to move products at some point is inevitable.

    Like OP, I'm also very interested in what other platform people have successfully jumped ship to. Any products that have corporate use and home prosumer use like UTM does?
  • I have many HA UTMs around and I am still buying license renewals.
    I had a bad experience with WatchGuard, while some good ones with other vendors.

    I am keeping an eye on Sophos XG (at the moment I have it installed at home). Many, many features are missing, but there are some things that UTM can forget and we need to take care of them (proper CLI, unified policy, creating custom IPS rules and IPS per rule). UTM rocks but has some/few limits.
    So I will ask myself this question at the end of the year, when XG will have release 2.0 and, as Sophos promises, many features will be integrated.

    So keep UTM in your installation and keep an eye on XG too (not now but at the end of the year).

    Luk
  • Sophos could give a rat's ass about real-world functionality. Sophos' interest is large corporate installations, where buzzwords sell, not real-world functionality. As long as they continue to win useless awards that mean nothing in the real world, corporate decision makers will buy the garbage and direct the subordinate IT department to deal with it. By the time they realize the product is garbage, they will have invested too much to walk away and instead will simply throw more money at the problem, even if it means buying into the next generation of garbage.
  • Also - as for WatchGuard..

    I have a few: CLUNKY would be my best description.

    Also, get this:
    I have a customer that has alarm panels out in the field. They can contact the central station, BOUND for ANY port in a range of 1000 ports, but ONLY COMING FROM a specific SINGLE SOURCE port. WatchGuard firewall rules DO NOT allow for filtering on SOURCE port!!! They LOG the source port, but there is no way to filter on it. I escalated my issue to the corporate office and talked to the head developer and a board member of the corporation. I was told flat out that they see no need for the ability to filter on the source port of an incoming packet.... Given the very clunky interface and that fact, I walked away.
  • I use some small Fortinet FortiGates (60 Series) for SOHO. I mostly just use firewall features and less of the other UTM stuff.
    They are doing a good job.
    But since about firmware v5.1, they always push logs to a cloud space, even if the hardware has a built-in HDD.
    I didn't compare pricing for bigger ones. The small FortiGates are less expensive than similar Sophos UTMs - even non-FullGuard.
    Greetings Nathan
  • Just look at Dell SonicWALL.
    Looks very interesting.
    Any idea how it is?
  • I have two of them I manage and they are a pain in the ass.