Looking for recommendations on the best UTM Firewalls for SMB's...
-
@vhinzsanchez said in Looking for recommendations on the best UTM Firewalls for SMB's...:
Also liking pfSense. Once you got the hang of it, its easy-peasy to manage.
OPNsense is pretty nice too, especially the UI.
-
FortiGate and WatchGuard are the two I have the most experience with and both are pretty solid.
-
I tend to use Edgerouters everywhere I can. That being said - I have 2 Sophos UTMs because of the web filtering mainly. I realize you can put them in transparent mode behind another router but it seems pointless when it can do everything. The country blocking is another feature that works really well. If I needed just a firewall I would never consider them.
-
I would just recommend a different strategy all together because if you're UTM is compromised, then where is the rest of your security going to be? This is why I recommend breaking it apart. AV at the firewall might not be a bad idea, but I would recommend breaking out the IDS/IPS behind the firewall. Also, breaking out the proxy just right behind the firewall as well, if you need one.
-
@nerdydad I agree 100%. Web filtering was the reason for the Sophos. For a school it works very well. What would you use for a filter behind a "normal" firewall?
-
@brandon220 said in Looking for recommendations on the best UTM Firewalls for SMB's...:
@nerdydad I agree 100%. Web filtering was the reason for the Sophos. For a school it works very well. What would you use for a filter behind a "normal" firewall?
Squid (http://www.squid-cache.org/)
PiHole (https://pi-hole.net/)
Safesquid (https://www.safesquid.com/)
Strongarm (https://strongarm.io/)
-
@brandon220 said in Looking for recommendations on the best UTM Firewalls for SMB's...:
@nerdydad I agree 100%. Web filtering was the reason for the Sophos. For a school it works very well. What would you use for a filter behind a "normal" firewall?
@black3dynamite said in Looking for recommendations on the best UTM Firewalls for SMB's...:
@brandon220 said in Looking for recommendations on the best UTM Firewalls for SMB's...:
@nerdydad I agree 100%. Web filtering was the reason for the Sophos. For a school it works very well. What would you use for a filter behind a "normal" firewall?
Squid (http://www.squid-cache.org/)
PiHole (https://pi-hole.net/)
Safesquid (https://www.safesquid.com/)
Strongarm (https://strongarm.io/)
Just like @black3dynamite said. Squid for proxying, Pi-hole for internal DNS filtering and getting rid of ads, and Strongarm for external DNS. I've never used either Squid or Strongarm, but have heard that they are good products.
-
@nerdydad I use PiHole at home and it is great. SafeSquid looks pretty impressive. May have to fire these up in my lab and test them out.
-
I use a Watchguard XTM515 here it is very nice. You just have to sub to the parts you want, IPS, APT, etc.
There are software updates all the time. New features added all the time. Their support is great. -
@brandon220 said in Looking for recommendations on the best UTM Firewalls for SMB's...:
I tend to use Edgerouters everywhere I can. That being said - I have 2 Sophos UTMs because of the web filtering mainly. I realize you can put them in transparent mode behind another router but it seems pointless when it can do everything. The country blocking is another feature that works really well. If I needed just a firewall I would never consider them.
pfBlocker / pfBlockNG on pfSense is great. You'll have a lot fewer kids knocking if you lock out all but the few required countries where you have employees etc. Doesn't make sense for a website maybe, but works great for VPNs for example. Only downside, as with every on-site firewall, is that the traffic already went over your wire, but it helps anyway.
