Firewall Appliance Suggestions

Jean CLERY jean.clerymrs at gmail.com
Mon Jul 4 22:58:51 UTC 2011


Hi Blake
Try www.netasq.com

Regards,
Jean CLERY


-----Message d'origine-----
De : Curtis Maurand [mailto:cmaurand at xyonet.com] 
Envoyé : lundi 4 juillet 2011 23:41
À : nanog at nanog.org
Objet : Re: Firewall Appliance Suggestions

On 6/30/2011 12:20 PM, Suresh Rajagopalan wrote:
> Linux + iptables + fwbuilder
>
>
>
> On Thu, Jun 30, 2011 at 8:50 AM, Blake T. Pfankuch<blake at pfankuch.me>
wrote:
>> Howdy,
>>                 I am looking for something a little unique in a bit of a
tough situation with some sticky requirements.  First off, my requirements
are a little weird and I can't bend them a whole lot due to stipulations
being put on me.  I am in need a firewall appliance which can be run on
VMware vSphere, with IPSEC support for multiple Phase 2 negotiations within
a single Phase 1.  I am also in need of something that can support VLAN
interfaces on the LAN side, and ideally something with multi zoning so I can
keep LAN side networks separate from each without ridiculous firewall rules.
Meaning build a zone for "Customer network 1" and it displays separately
(ease of management and firewall config hopefully).  I need a minimum of 10
"zones" on LAN side (/29 or /30), and NAT support for LAN to WAN (to
dedicate all outbound connections to a single IP from a specific zone),
ideally something extremely scalable (100-200 zones).  And here is the super
fun part!  I need something that is going to be web managed primarily as
minions will be doing most of the day to day maintenance, or very simple CLI
config.  Willing to pay for something if need be, but looking for something
that can easily handly 50-100mbit of throughput.
>>
>> Any Ideas?
>>
>> Thanks!
>>
>> Blake Pfankuch
>>
Vyatta.  They have an appliance on their website.

--Curtis






More information about the NANOG mailing list