Barracuda vs Meraki - firewalls
-
@momurda said in Barracuda vs Meraki - firewalls:
@dustinb3403 Ubiquiti in SPAAAAACE
Or they forgot a guy was floating around their satellites and just wanted to announce they left a person up there to die. . .
-
@dustinb3403 said in Barracuda vs Meraki - firewalls:
@scottalanmiller said in Barracuda vs Meraki - firewalls:
@bbigford said in Barracuda vs Meraki - firewalls:
The reason for Meraki is central management. This client is spread across many states. I've been fortunate in the past to see their MSP setup; it's amazing and I might like to get back to it.
That's not a reason. Ubiquiti already has that. Meraki doesn't offer anything special there.
UNMS right?
Yup, might not be quite as full features as the Meraki option, but it is free and private and works very well and since it offers terminal access now, it can do anything.
-
@jaredbusch said in Barracuda vs Meraki - firewalls:
@scottalanmiller said in Barracuda vs Meraki - firewalls:
@bbigford said in Barracuda vs Meraki - firewalls:
We've been replacing all client Cisco ASAs with Barracuda F18s this last year. Their price for features is really enticing.
What price is enticing? As I'd consider them not even remotely on par with Ubiquiti security at $45, unless they are around $2 a unit, what makes an insecure useless device with a wide open back door and a company that doesn't believe in security behind it enticing?
You are not comparing the same things. So just stop.
I totally agree with never using Barracuda though because of their poor security history.
They don't have to be the same things. One is good and adds security. One is crap and makes you insecure. If the goal is security, that one claims to be a joke of a UTM and the other just a solid secure firewall, doesn't really matter.
-
@dustinb3403 said in Barracuda vs Meraki - firewalls:
I wonder what their announcement is about.
Where did you get that image, because the UNMS Alpha group is not talking about version 14 yet.
-
@jaredbusch said in Barracuda vs Meraki - firewalls:
@dustinb3403 said in Barracuda vs Meraki - firewalls:
I wonder what their announcement is about.
Where did you get that image, because the UNMS Alpha group is not talking about version 14 yet.
Right on their website. . . unms.com
-
@dustinb3403 said in Barracuda vs Meraki - firewalls:
@jaredbusch said in Barracuda vs Meraki - firewalls:
@dustinb3403 said in Barracuda vs Meraki - firewalls:
I wonder what their announcement is about.
Where did you get that image, because the UNMS Alpha group is not talking about version 14 yet.
Right on their website. . . unms.com
I have never once went there, always unms.ubnt.com
-
Ah, I see it way down on the bottom..
-
Weird that they are announcing something for 0.14 when 0.13 is not even in alpha yet.
In the private UNMS (Alpha) group on their community, there is nothing about 0.14 and only 0.13 for "Early August" as noted right above the space man on the website.
-
@jaredbusch said in Barracuda vs Meraki - firewalls:
@dustinb3403 said in Barracuda vs Meraki - firewalls:
@scottalanmiller said in Barracuda vs Meraki - firewalls:
@bbigford said in Barracuda vs Meraki - firewalls:
The reason for Meraki is central management. This client is spread across many states. I've been fortunate in the past to see their MSP setup; it's amazing and I might like to get back to it.
That's not a reason. Ubiquiti already has that. Meraki doesn't offer anything special there.
UNMS right?
Yes.
That can't manage switches or AP's though right? One of the selling points on Meraki is it can do the entire "stack" in a single UI/management tool.
-
From their website.
Ubiquiti Network Management System (beta)
We invite you to use our new free Ubiquiti Network Management System. You can simply configure, monitor, upgrade, and back up your UBNT devices. Add your routers and switches. You can include your wireless equipment and optical GPON devices as well. And why stop there. You can even manage your client APs with ease. Management of all devices in a single application: UNMS. -
it manages the entire stack.
-
The Ubiquiti is not an UTM in any way. In that space, the leader is Fortinet. No one can beat their price/performance for what they do. I use Ubiquiti in many places, but when a real UTM is needed I choose Fortinet.
-
@francesco-provino said in Barracuda vs Meraki - firewalls:
The Ubiquiti is not an UTM in any way. In that space, the leader is Fortinet. No one can beat their price/performance for what they do. I use Ubiquiti in many places, but when a real UTM is needed I choose Fortinet.
Key word in that is need. When do you ever need all of your network security provided by a single appliance? If they did a better job, or didn't have much lower priced competition, then they'd make a lot more sense.
-
@francesco-provino said in Barracuda vs Meraki - firewalls:
The Ubiquiti is not an UTM in any way.
No, but it's more of a security device than the Barracuda is, which is the point. An insecure UTM has no purpose.
-
@storageninja said in Barracuda vs Meraki - firewalls:
That can't manage switches or AP's though right? One of the selling points on Meraki is it can do the entire "stack" in a single UI/management tool.
Switches, yes. APs, no, you use Unifi for that. Very similar.
-
While the discussion doesn't have to focus only on Meraki vs. Barracuda, the only thing mentioned other than a casual "if you need to spend money, buy PAN" has been a profound "anything other than UBNT is a huge waste of money".
While I deploy UBNT for many orgs, it isn't the only solution. It doesn't even fit with this deployment. Does UBNT offer a comprehensive firewall? No, USG is garbage. Captive portal offering sucks, zero hand off is buggy at best, limited support, and limited warranty. Can't manage multiple CloudKeys under one portal, no WIDS/WIPS from what I've looked at (handled by separate system). But, it's reliable, inexpensive WiFi; I especially like their point to point wireless gear for campus buildings for either primary or failover.
What about Meraki firewalls are "underpowered"? Of course, you have to size according to the need. If it's underperforming, it's the wrong appliance for the application. Someone had pointed out in another discussion that a MX84 throughput is 500Mb where a competitor was rated at 1Gb. But the competitor was listing as stateless, and Meraki was listed as stateful. Comparing stateful, they actually were rated as higher throughput.
I love PAN, but they also have their problems. I've witnessed some of their more expensive firewalls literally (physically) melt down in front of us. But, there are many cases where PAN fits nicely into a given solution.
So is that it... Nothing but UBNT to discuss? They have a solid product for a given application, but the needs of this project extend beyond those capabilities.
-
We have deployed 10 Meraki Mx 84 firewalls in a mesh VPN configbeith minimal fuss so far. Bandwidth on the tunnels between sites has been great and all. Where I have had issues was with content filtering turned on, some necessary ports over the VPN (port 587 to exchange server for our mfp devices) were blocked for no reason. Also the interface is not "logical" in that certain items are not obvious to where they are located.
Now we have added a MX 250 into the mix and it's VPN tunnel bandwidth is beyond poor it's dreadful. I have yet to open a case with Meraki as I'm still troubleshooting but it is nowhere near claimed capabilities; it is on a fiber delivered 1 gig circuit, I am getting less than 50 meg bandwidth. -
@jt1001001 said in Barracuda vs Meraki - firewalls:
We have deployed 10 Meraki Mx 84 firewalls in a mesh VPN configbeith minimal fuss so far. Bandwidth on the tunnels between sites has been great and all. Where I have had issues was with content filtering turned on, some necessary ports over the VPN (port 587 to exchange server for our mfp devices) were blocked for no reason. Also the interface is not "logical" in that certain items are not obvious to where they are located.
Now we have added a MX 250 into the mix and it's VPN tunnel bandwidth is beyond poor it's dreadful. I have yet to open a case with Meraki as I'm still troubleshooting but it is nowhere near claimed capabilities; it is on a fiber delivered 1 gig circuit, I am getting less than 50 meg bandwidth.That stuff is really good to know, thanks.
If you could go back and redo everything, whether it is a different (specific) manufacturer in mind, or different model within Meraki, or different architectural design, etc... What would you have changed, specifically?
-
I would eliminate the need for a mesh VPN and just go pure Internet/"Cloud" for everything. We are working our way towards that but at the time mesh VPN was the quicker option. I would have put my resources on moving to cloud and just needing very basic firewall/routing options for our branches.
-
@dustinb3403 said in Barracuda vs Meraki - firewalls:
ou can include your wireless equipment and optical GPON devices as well
My understanding is it manages their WISP targeted (AirMax) and EdgeSwitch and not their Commercial/enterprise focused UniFI. The edge line of firewall/routers also lack any layer 7 content etc filtering.
