ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Home Network Firewall Options

    IT Discussion
    17
    118
    26.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JaredBusch @Dashrender
      last edited by

      @Dashrender said:

      PFSense is a good free option, but it requires you provide your own PC class hardware, and the power bill will probably be 10X or more than an ERX.

      This right here.

      pfSense is a great solution but requires hardware that will cost you more than an ERX ever will.

      Drop another $80-$90 on an UAP-AC-LITE and you have a rock solid home network running basic enterprise hardware.

      1 Reply Last reply Reply Quote 2
      • W
        wirestyle22
        last edited by wirestyle22

        Thanks for the info guys. Appreciate it.

        1 Reply Last reply Reply Quote 0
        • J
          jyates @wirestyle22
          last edited by

          @wirestyle22

          @JaredBusch said:

          @Dashrender said:

          PFSense is a good free option, but it requires you provide your own PC class hardware, and the power bill will probably be 10X or more than an ERX.

          This right here.

          pfSense is a great solution but requires hardware that will cost you more than an ERX ever will.

          Drop another $80-$90 on an UAP-AC-LITE and you have a rock solid home network running basic enterprise hardware.

          Sophos has the same options. Free, but requires a machine to run on.

          https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

          J 1 Reply Last reply Reply Quote 1
          • I
            IT-ADMIN
            last edited by

            i'm currently using pfsense for small size business, it works great all in one, but as other guys mentioned, a PC will consume much more electricity than a router device does

            1 Reply Last reply Reply Quote 0
            • J
              Jason Banned @Dashrender
              last edited by

              @Dashrender said:

              PFSense is a good free option, but it requires you provide your own PC class hardware, and the power bill will probably be 10X or more than an ERX.

              Cost of hardware isn't the biggest factor.. the power is what will get you.

              I'm using the Edge Router Lite.

              1 Reply Last reply Reply Quote 1
              • J
                Jason Banned @jyates
                last edited by

                @jyates said:

                @wirestyle22

                @JaredBusch said:

                @Dashrender said:

                PFSense is a good free option, but it requires you provide your own PC class hardware, and the power bill will probably be 10X or more than an ERX.

                This right here.

                pfSense is a great solution but requires hardware that will cost you more than an ERX ever will.

                Drop another $80-$90 on an UAP-AC-LITE and you have a rock solid home network running basic enterprise hardware.

                Sophos has the same options. Free, but requires a machine to run on.

                https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

                It's a resource hog...

                D S 2 Replies Last reply Reply Quote 0
                • D
                  Deleted74295 Banned @Jason
                  last edited by

                  @Jason said:

                  @jyates said:

                  @wirestyle22

                  @JaredBusch said:

                  @Dashrender said:

                  PFSense is a good free option, but it requires you provide your own PC class hardware, and the power bill will probably be 10X or more than an ERX.

                  This right here.

                  pfSense is a great solution but requires hardware that will cost you more than an ERX ever will.

                  Drop another $80-$90 on an UAP-AC-LITE and you have a rock solid home network running basic enterprise hardware.

                  Sophos has the same options. Free, but requires a machine to run on.

                  https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

                  It's a resource hog...

                  It's not been bad when I used it, even on a junk box processor with 2GB of Ram. What services were you using?

                  J 1 Reply Last reply Reply Quote 0
                  • J
                    Jason Banned @Deleted74295
                    last edited by

                    @Breffni-Potter said:

                    @Jason said:

                    @jyates said:

                    @wirestyle22

                    @JaredBusch said:

                    @Dashrender said:

                    PFSense is a good free option, but it requires you provide your own PC class hardware, and the power bill will probably be 10X or more than an ERX.

                    This right here.

                    pfSense is a great solution but requires hardware that will cost you more than an ERX ever will.

                    Drop another $80-$90 on an UAP-AC-LITE and you have a rock solid home network running basic enterprise hardware.

                    Sophos has the same options. Free, but requires a machine to run on.

                    https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

                    It's a resource hog...

                    It's not been bad when I used it, even on a junk box processor with 2GB of Ram. What services were you using?

                    Just the basics... but, how much throughput where you getting with it? I have a 150mb home internet connection. It couldn't saturate it. the Edege router Lite can..

                    1 Reply Last reply Reply Quote 0
                    • D
                      Deleted74295 Banned
                      last edited by

                      I was getting 38 when I'm expected to get a 40 down line at home. 100+ MB is not common here yet.

                      This was with all the IPS, gateway AV, content filtering on.

                      Do you remember the spec of the machine? Mine was a core 2 duo, with 2 dedicated gigabit cards for in/out, though it did have a 32GB SSD.

                      J W 2 Replies Last reply Reply Quote 0
                      • J
                        Jason Banned @Deleted74295
                        last edited by Jason

                        @Breffni-Potter said:

                        I was getting 38 when I'm expected to get a 40 down line at home. 100+ MB is not common here yet.

                        This was with all the IPS, gateway AV, content filtering on.

                        Do you remember the spec of the machine? Mine was a core 2 duo, with 2 dedicated gigabit cards for in/out, though it did have a 32GB SSD.

                        Intel Xeon E5-xxx Quad with 8GB of ram and quad on board nic. NO SSD but that's not going to affect a router.

                        D 1 Reply Last reply Reply Quote 0
                        • D
                          Deleted74295 Banned @Jason
                          last edited by

                          @Jason said:

                          Intel Xeon E5-xxx Quad with 8GB of ram and quad on board nic. NO SSD but that's not going to affect a router.

                          Something very very wrong was happening then...maybe the quad NIC? If I get a decent outbound line, I'll try sticking the same box on it and test it. See what the performance is like.

                          J 1 Reply Last reply Reply Quote 0
                          • J
                            Jason Banned @Deleted74295
                            last edited by

                            @Breffni-Potter said:

                            @Jason said:

                            Intel Xeon E5-xxx Quad with 8GB of ram and quad on board nic. NO SSD but that's not going to affect a router.

                            Something very very wrong was happening then...maybe the quad NIC? If I get a decent outbound line, I'll try sticking the same box on it and test it. See what the performance is like.

                            Nope wasn't the NIC.. Worked fine on Pfsense too. They were Intel NIC which are the best for firewalls. The CPU was just pegged out when trying to saturate 150mb, too much overhead with those UTM packages

                            D 1 Reply Last reply Reply Quote 1
                            • D
                              Deleted74295 Banned @Jason
                              last edited by

                              @Jason - Well, if I ever get a connection like that, I'll have a play.

                              I really liked the Sophos when it was on, ran it for about a year, then retired it.

                              1 Reply Last reply Reply Quote 0
                              • S
                                scottalanmiller @Jason
                                last edited by

                                @Jason said:

                                @jyates said:

                                @wirestyle22

                                @JaredBusch said:

                                @Dashrender said:

                                PFSense is a good free option, but it requires you provide your own PC class hardware, and the power bill will probably be 10X or more than an ERX.

                                This right here.

                                pfSense is a great solution but requires hardware that will cost you more than an ERX ever will.

                                Drop another $80-$90 on an UAP-AC-LITE and you have a rock solid home network running basic enterprise hardware.

                                Sophos has the same options. Free, but requires a machine to run on.

                                https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

                                It's a resource hog...

                                Anything labelled UTM would be. UTMs really can't be used on anything but super slow connections. It's one of the many reasons many of us feel that the entire UTM concept is a silly and dead one.

                                NashBrydgesN 1 Reply Last reply Reply Quote 2
                                • W
                                  wirestyle22 @Deleted74295
                                  last edited by

                                  @Breffni-Potter said:

                                  I was getting 38 when I'm expected to get a 40 down line at home. 100+ MB is not common here yet.

                                  This was with all the IPS, gateway AV, content filtering on.

                                  Do you remember the spec of the machine? Mine was a core 2 duo, with 2 dedicated gigabit cards for in/out, though it did have a 32GB SSD.

                                  150 up 150 down here ^_^

                                  D 1 Reply Last reply Reply Quote 0
                                  • D
                                    Deleted74295 Banned @wirestyle22
                                    last edited by

                                    @wirestyle22 said:

                                    150 up 150 down here ^_^

                                    Don't rub it in you 🙂

                                    1 Reply Last reply Reply Quote 2
                                    • NashBrydgesN
                                      NashBrydges @scottalanmiller
                                      last edited by

                                      @scottalanmiller said:

                                      @Jason said:

                                      @jyates said:

                                      @wirestyle22

                                      @JaredBusch said:

                                      @Dashrender said:

                                      PFSense is a good free option, but it requires you provide your own PC class hardware, and the power bill will probably be 10X or more than an ERX.

                                      This right here.

                                      pfSense is a great solution but requires hardware that will cost you more than an ERX ever will.

                                      Drop another $80-$90 on an UAP-AC-LITE and you have a rock solid home network running basic enterprise hardware.

                                      Sophos has the same options. Free, but requires a machine to run on.

                                      https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

                                      It's a resource hog...

                                      Anything labelled UTM would be. UTMs really can't be used on anything but super slow connections. It's one of the many reasons many of us feel that the entire UTM concept is a silly and dead one.

                                      I've been running Sophos UTM on a 300/100Mbps connection at home (certainly not a slow connection) and easily get full bandwidth usage with everything turned on. Granted I'm running it on a Dell R210 II and it is a bigger resource hog, but for home, I want all of that turned on, especially with teenagers who don't care about sites they visit or what they download. In the SMB (closer to S than M or B of SMB anyway) I've found the UTM approach anything but silly. The simplicity of management is a huge bonus.

                                      D 1 Reply Last reply Reply Quote 0
                                      • D
                                        Deleted74295 Banned @NashBrydges
                                        last edited by

                                        @NashBrydges said:

                                        In the SMB (closer to S than M or B of SMB anyway) I've found the UTM approach anything but silly. The simplicity of management is a huge bonus.

                                        The problem I find with UTMs is they need to be monitored and watched to be used properly. If an attacker is really trying to break in, do you want to hope the magic box works? Or is there monitoring to spot suspicious activity and react to it.

                                        UTMs are a magic box that I'm seeing over-sold, I myself got suckered into buying one and actually, it provides no performance or security benefits to the organisation it protects because the monitoring and reacting that you need to do, is not being done.

                                        NashBrydgesN 1 Reply Last reply Reply Quote 1
                                        • DashrenderD
                                          Dashrender
                                          last edited by

                                          I too went the way of the UTM last time. Sure it did website filtering, but management complained about it.. and DAMN, the vendor wanted 90% the original cost to renew the updates, etc.

                                          I've dumped those and moved to ERLs.

                                          The idea of the LANless design encourages us to do other things to secure our endpoints.

                                          Removing admin rights from those teens machines should offer a fair amount of protection.

                                          1 Reply Last reply Reply Quote 3
                                          • NashBrydgesN
                                            NashBrydges @Deleted74295
                                            last edited by

                                            @Breffni-Potter said:

                                            @NashBrydges said:

                                            In the SMB (closer to S than M or B of SMB anyway) I've found the UTM approach anything but silly. The simplicity of management is a huge bonus.

                                            The problem I find with UTMs is they need to be monitored and watched to be used properly. If an attacker is really trying to break in, do you want to hope the magic box works? Or is there monitoring to spot suspicious activity and react to it.

                                            UTMs are a magic box that I'm seeing over-sold, I myself got suckered into buying one and actually, it provides no performance or security benefits to the organisation it protects because the monitoring and reacting that you need to do, is not being done.

                                            Totally agree that they're too often seen as a magic box but that's a user problem, not a technology problem. I wouldn't recommend a UTM without the appropriate oversight.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 1 / 6
                                            • First post
                                              Last post