sub $500-750 CPE firewall for voip-centric application

amuse nanog-amuse at foofus.com
Thu May 5 18:11:54 UTC 2016


What PFSense currently lacks in brand name recognition, they can make up
with by the fact that they offer paid support at very affordable levels.

I'd go with https://store.pfsense.org/SG-2440/ ($499 each) and a quote for
professional services  (
https://store.pfsense.org/Professional-Services.aspx ) to back that up.

On Thu, May 5, 2016 at 10:53 AM, Ken Chase <math at sizone.org> wrote:

> Looking around at different SMB firewalls to standardize on so we can start
> training up our level 2/3 techs instead of dealing with a mess of
> different vendors
> at cust premises.
>
> I've run into a few firewalls that were not sip or 323 friendly however,
> wondering
> what your experiences are. Need something cheap enough (certainly <$1k,
> <$500-750 better)
> that we are comfortable telling endpoints to toss current gear/buy
> additional gear.
>
> Basic firewalling of course is covered, but also need port range forwarding
> (not available until later ASA versions for eg was an issue), QoS
> (port/flow
> based as well as possibly actually talking some real QoS protocols) and VPN
> capabilities (not sure if many do without #seats licensing schemes which
> get
> irritating to clients).
>
> We'd like a bit of diagnostic capability (say tcpdump or the like, via
> shell
> preferred) - I realize a PFsense unit would be great, but might not have
> enough brand name recognition to make the master client happy plopping
> down as
> a CPE at end client sites. (I know, "there's only one brand, Cisco."
> ASA5506x is a
> bit $$ and licensing acrobatics get irritating for end customers.)
>
> /kc
> --
> Ken Chase - Guelph Canada
>



More information about the NANOG mailing list