USG Pro 4 and our Company Security
-
@JaredBusch said in USG Pro 4 and our Company Security:
@jevans said in USG Pro 4 and our Company Security:
Also DPI SSL inspection
Read: Breaks the SSL chain.
That sums it up
-
@travisdh1 said in USG Pro 4 and our Company Security:
We'd need to know your ISP bandwidth to be able to answer this.
We currently are using 50/10 on Comcast Cable, but we will be moving over to a private Fiber network within the next 6 months. With the dedicated Fiber line, we will have 20 Mbps for 13 branches, 50 Mbps for Corporate and 100 Mbps for the DC(Atmosera).
-
@jevans said in USG Pro 4 and our Company Security:
@travisdh1 said in USG Pro 4 and our Company Security:
We'd need to know your ISP bandwidth to be able to answer this.
We currently are using 50/10 on Comcast Cable, but we will be moving over to a private Fiber network within the next 6 months. With the dedicated Fiber line, we will have 20 Mbps for 13 branches, 50 Mbps for Corporate and 100 Mbps for the DC(Atmosera).
This means the USG is more than sufficient because you cna't go faster than it can process traffic.
-
@jevans said in USG Pro 4 and our Company Security:
100 Mbps for the DC(Atmosera).
That's really slow for a DC. You'd normally expect more than that in most cases. This isn't a big deal for you, as your sites are only so fast. but you might get caught with your DC being a bottleneck.
-
@scottalanmiller I have 600 down at home so that is slow.
-
@jmoore said in USG Pro 4 and our Company Security:
@scottalanmiller I have 600 down at home so that is slow.
How much does that cost?
-
@wrx7m $75 a month, just internet though, nothing else bundled
-
@jmoore said in USG Pro 4 and our Company Security:
@wrx7m $75 a month, just internet though, nothing else bundled
Daaaaayum!!!! I pay the same for 150/25, internet only. Lucky so and so!
-
@RojoLoco Thats what I had with Spectrum. They pissed me off so I went looking and Grande communications had that and they are much nice to deal with. I had them a long time ago but where I lived would only offer Spectrum at the time. Now since I bought a house I got choices.
-
@RojoLoco said in USG Pro 4 and our Company Security:
@jmoore said in USG Pro 4 and our Company Security:
@wrx7m $75 a month, just internet though, nothing else bundled
Daaaaayum!!!! I pay the same for 150/25, internet only. Lucky so and so!
Still better than me... 100/10 for me.
-
@dafyre said in USG Pro 4 and our Company Security:
@RojoLoco said in USG Pro 4 and our Company Security:
@jmoore said in USG Pro 4 and our Company Security:
@wrx7m $75 a month, just internet though, nothing else bundled
Daaaaayum!!!! I pay the same for 150/25, internet only. Lucky so and so!
Still better than me... 100/10 for me.
Spectrum is the better of my 2 choices. The other is AT&T
-
@travisdh1 said in USG Pro 4 and our Company Security:
@dafyre said in USG Pro 4 and our Company Security:
@RojoLoco said in USG Pro 4 and our Company Security:
@jmoore said in USG Pro 4 and our Company Security:
@wrx7m $75 a month, just internet though, nothing else bundled
Daaaaayum!!!! I pay the same for 150/25, internet only. Lucky so and so!
Still better than me... 100/10 for me.
Spectrum is the better of my 2 choices. The other is AT&T
Same here... Spectrum or Windscream... I'd choose even the most crappy cable provider of any DSL service.
-
@dafyre said in USG Pro 4 and our Company Security:
@travisdh1 said in USG Pro 4 and our Company Security:
@dafyre said in USG Pro 4 and our Company Security:
@RojoLoco said in USG Pro 4 and our Company Security:
@jmoore said in USG Pro 4 and our Company Security:
@wrx7m $75 a month, just internet though, nothing else bundled
Daaaaayum!!!! I pay the same for 150/25, internet only. Lucky so and so!
Still better than me... 100/10 for me.
Spectrum is the better of my 2 choices. The other is AT&T
Same here... Spectrum or Windscream... I'd choose even the most crappy cable provider of any DSL service.
I actually have run into a very few situations where DSL actually made sense. Of course they were houses literally right beside the companies head end. That's a 1 in 1000 situation tho!
-
@jmoore said in USG Pro 4 and our Company Security:
@scottalanmiller I have 600 down at home so that is slow.
What does that have to do with anything. What would the DC need more than 100 for based on his use case?
-
@jmoore said in USG Pro 4 and our Company Security:
@wrx7m $75 a month, just internet though, nothing else bundled
I pay about $50 for 100/100 from Frontier FiOS.
-
@jevans said in USG Pro 4 and our Company Security:
This is from the Rep:
"UTM (Unified Threat Management) This is where you have multiple layers of security at the gateway to protect against threats. These typically come with a subscription for regular update usually daily or even multiple times a day for their threat updates. Also DPI SSL inspection. "
This is why he was saying the USG will not be a viable option for us.
Why were you even running this by them? They don't really need to know what equipment is running in the rack.
-
@scottalanmiller said in USG Pro 4 and our Company Security:
Another really important thing to point out is that a Unifi USG is a UTM. We never talk about that because that would be a shitty way to sell firewalls. UTM is nothing more than a firewall with some extra features (that we generally recommend against because they are either stupid and wasteful, or if needed shouldn't be on the firewall as that is horrible security practice) and the USG has some UTM features that you can turn on (but most of us don't.)
Unifi themselves wouldn't classify the USG as a UTM device. Are you saying because it's a firewall it should then be classified as a UTM? Thinking a UTM is worthless is one thing, but saying a firewall is a UTM because a UTM is simple a "firewall with worthless added features," seems bizarre.
I feel like we're comparing a VW GTI with a Porsche 911. "The 911 is just an expensive GTI with fancy features." A lot of people would say the Porsche is a waste of money...that both are German cars and get you from point A to B, but they're still not the same.
Maybe Ubiquiti recently added a bunch of features you would find on a Sonicwall/Fortigate/Juniper device?
** An amendment - it looks since I last looked they do IDS/IPS so if you factor that in with the firewall it technically would meet Wikipedia's definition of a UTM, but Ubiquiti would still never classify it as such since every device in that category usually offers some sort of gateway antivirus, content filtering, application control, spam filtering, etc.**
-
@wrx7m said in USG Pro 4 and our Company Security:
@jmoore said in USG Pro 4 and our Company Security:
@wrx7m $75 a month, just internet though, nothing else bundled
I pay about $50 for 100/100 from Frontier FiOS.
Must be nice. $65 for 10/100. Good old Spectrum.
-
@frodooftheshire said in USG Pro 4 and our Company Security:
@scottalanmiller said in USG Pro 4 and our Company Security:
Another really important thing to point out is that a Unifi USG is a UTM. We never talk about that because that would be a shitty way to sell firewalls. UTM is nothing more than a firewall with some extra features (that we generally recommend against because they are either stupid and wasteful, or if needed shouldn't be on the firewall as that is horrible security practice) and the USG has some UTM features that you can turn on (but most of us don't.)
Unifi themselves wouldn't classify the USG as a UTM device. Are you saying because it's a firewall it should then be classified as a UTM? Thinking a UTM is worthless is one thing, but saying a firewall is a UTM because a UTM is simple a "firewall with worthless added features," seems bizarre.
I feel like we're comparing a VW GTI with a Porsche 911. "The 911 is just an expensive GTI with fancy features." A lot of people would say the Porsche is a waste of money...that both are German cars and get you from point A to B, but they're still not the same.
Maybe Ubiquiti recently added a bunch of features you would find on a Sonicwall/Fortigate/Juniper device?
** An amendment - it looks since I last looked they do IDS/IPS so if you factor that in with the firewall it technically would meet Wikipedia's definition of a UTM, but Ubiquiti would still never classify it as such since every device in that category usually offers some sort of gateway antivirus, content filtering, application control, spam filtering, etc.**
Apt comparison.... In both cases marketing is where the money is spent.
-
I don't know why this place provides public hotspot.. their internet sucks.