Posts made by bj

Has anyone used safesquid.com? Is it any good? Any other suggestions for proxy type filtering for SMB? Thanks.

Right, that's what I saw as well. I guess I should have specified that better.

Ubiquity looks nice, but from what I can see they don't do the stacking / lagging for HA. I might end up using those in the office, but would like the extra features for prod server HA.

I've heard people say good things about HP, but I've personally never used them. What are your experiences with them?

I'm looking at putting in new production switches that support stacking and lag for HA. I've used a couple of different ones, but want to hear your thoughts on what you guys like to use. Thanks!

Agreed. Thanks.

Thanks @JaredBusch for your concern. I think I've got what I came here for. And no, I'm not ignoring you, or anyone else.

All the best.

I'll have to take a look at xbyte. I was trying to get quotes from SHI, but haven't been too impressed with them thus far.

@bigbear, no worries, I understood what you were trying to say. I just wanted to clarify why I was asking. The only firewalls that we've spoken about here that I haven't had experience with are the ubiquities, and honestly, I hadn't even heard of them until this conversation. But that's precisely why I wanted to have this conversation. I wanted to hear what I didn't know, and I did.

In regards to PAs, there were a few features I really liked when I used them. 1) The applications. I loved how the PAs could detect if somebody was trying to pass traffic through a port that wasn't what the port was opened for. No, I personally haven't seen that stop any huge threats, but it at least closed a theoretical gap in firewall logic for me, that I may open up certain ports on the firewalls, but I have no guarantee that what I'm opening them for is what they will be used for. And 2) The stats page is really quite impressive. I love that I can see what traffic is going to china, etc. This type of information, if regularly monitored, could easily help identify traffic that is out of the norm. No, it isn't the only place you could get that type information, but we didn't have anything else set up for that, so for us it was. And 3) The config audit is very nice. I love being able to look back in the config to find who changed a certain setting and when. It's always been a pet peeve of mine when I know I didn't change something on the firewall, and I don't know who to ask about it. And sometimes, everyone denies it anyway. It's great to be able to pin down a change to a person and a time. It really makes the firewall audits required by PCI a lot easier too. If nothing has changed, you can prove it, and you don't have to look through every single setting, just in case. Or if only one setting was changed, you can see that, and then you are done. It made auditing easy.

I don't know how the Ubiquities do on those features, but I know the SW certainly don't do well on those features. My last job had the duty of auditing firewalls, and I had to audit both PAs and SWs... I hated auditing the SWs, but the PAs were really quite easy to audit. The SWs didn't even have a human readable config. I found some tools to make the config quasi readable... but even then, it was difficult to read at best.

Cool. We'll definitely consider them. I appreciate your recommendations.

And @bigbear, thanks for that... um... "not slight". I'm not going into this blind. I've used PA, ASA, and SW before (but not all very recently). I recognize that asking questions like this can make me come off as a noob, but that I am not. I do like having a forum where I can bounce ideas off others. Unlike some of you, I don't interact a ton with other IT professionals (my currently company only has one other guy), and so sometimes I feel a little siloed. As such, I came here to get some feedback on decisions I have to make that will have a lasting effect on the company I work for. Please don't assume that because I seek and value your opinions that I lack in experience. I just like to make sure I have good information before I jump all in. Thanks.

Sorry @Texkonc, I'm just trying to decide if it is worth switching vendors, or if it doesn't really matter. Thus far, I've got the impression that people might prefer dell, but they haven't exactly come out and said it. I don't want to change vendors just because, but I don't want to stay on the same vendor just because either. I get the impression there are people here who have exposure to a wide variety of setups. I was hoping to get feedback from them if they prefer one vendor over another, or if either would do. I'm just trying to make informed purchasing decisions.

So where do you guys go to get your web / db rack-mount servers (and why)?

@Tim_G, @scottalanmiller, looking at their website, it looks like Ubiquity doesn't offer any NGFW features like DPI or filtering. Is that correct? Or am I missing something? (Not that that would rule them out, just making sure I know what they are.)

I haven't spoken with management about the layer 7 security features that can be had on firewalls yet. The device we are moving away from (pfSense) is essentially a layer 4 device. So far the requirements we have talked about have been around reliability and HA. Though, I know that security is important to them, I wasn't planning on getting into the details about the security features of layer 7 firewalls until I had proposals to put in front of them (though I have mentioned one cool feature the PAs have). Right now, I'm trying to decide which firewalls to include in that round-up. At the moment, from what I've heard here, we'll probably be talking about SW, Ubiquity, and PA. My experience with SW has been like yours. Yes, you do have to change some settings to configure them right, but once in place, they've been fairly stable for me. On the other hand, if Ubiquity has a good firewall, I'm open to that possibility as well. And if we can spend the money for it, the PAs definitely get my vote.

I had a sales guy reach out to me about Synology. Have you had any exposure to them?

Gotcha. What's your preference for hardware vendors? The biggest thing for me, is that I miss the Dell iDrac, especially when it came to monitoring hard drives in raid configurations, though I believe we should be able to work something out similarly on thinkmate. I was always impressed with dell support too. I thought it was awesome that they would have a parts and repairs done on site within 24 hours. That came in handy more often for laptop / desktop repair than servers, but it was nice all the same. And when I had to deal with their support techs, I generally felt like they knew what they were doing, which was nice.

Hey... my company has been relying on http://www.thinkmate.com/ for their server needs. This isn't a company I know much about when it comes to server hardware. Do any of you know much about them? Are they any good? What is your hardware brand of choice? I've used dell in the past, and have loved them, but I'm not sure if it is worth trying to make the change.
#servers #thinkmate #dell #hp

@JaredBusch, I appreciate that. I just thought it was funny.

@JaredBusch, but I hear you. UTM definitely adds complications to the network, and with complication comes potential for problems.

@JaredBusch With a recommendation like that, I can't believe none of them chose UTM!