My companies currently hardware firewall (an old ZyXEL ZyWALL firewall) and is indeed requiring an update to a new firewall.
It is a small company with a similar small server-environment, so the need for a huge, complex and expensive solution isn’t there but a more “straight-forward” firewall, that can provide the necessary security to our systems and block unwanted elements from the core server and only accept access through our one server which is used as an “gateway” between the Internet and our internal network.
I haven’t that much experience with hardware firewalls so I’m requesting any good advice and/or knowledge on which products will be suited for our specific need.
If you need more information about the specific needs we require, please let me know and I’ll provide them to you.
Sincerely
- Mestika
One might consider an ALIX board running pfSense. pfSense has a relatively intuitive GUI with access to all its features.
Costs would be around $150 including additional stuff like casing, CF cards, power adapter etc.
This solution contrasts to the one of ewwhite as it's based on "free" software. But there's even commercial support available.
In small installations, I like the Cisco ASA series.
In your case, you may want to look at a Cisco ASA 5505 with a 50-user license ( ASA5505-50-BUN-K9 )
This unit surfaces at $500-$600 in the US. This can give basic client and site-to-site VPN, more than enough filtering and access rules, has the benefit of Cisco mindshare and available technical expertise and is relatively inexpensive for the features included.
Juniper SSG-5 devices might be a good fit also. For the simplest of needs, even the Cable/DSL gateway's you can buy at your local electronics store may be sufficient.
I prefer Mikrotik RouterBoard. RB450G is powerful, easy to maintain and price is very decent. At home I use RB433AH with 3 miniPCI wireless cards.