[geeks] Router / Firewall / Endpoint Thoughts & Ideas

Mark Benson md.benson at gmail.com
Wed Aug 18 05:39:46 CDT 2021


Hi,

I'm in a spot. $work are due to renew our licences for our Watchguard
Firebox at the end of the month. It's a significant wedge for a small
company but we can do it if we need to (after all we did 3 years ago).

The spanner in the works is I was discussing the matter of packet inspection
middleboxes with an expert in network security (a professional one, not
"self-proclaimed") and they were of the opinion that "middlebox"
solutions that do through-traffic packet inspection and re-encrypting SSL
traffic are generally a pain in the ass and not actually that effective. They
were of the opinion that modern pro-active endpoint solutions (that work on
access, not on execution among other measures) are way more effective.

So either:
= We carry on as we are and sink north-side of 3 grand into 3 more years and a
new Firebox (which isn't bad rent *if* it works as an effective security)
OR
= We dump the Firebox in favour of a decent Stateful Firewall / Router and
focus on management, pro-active patching and security on endpoints (something
we arguably should be doing anyway) via something like PulseWay (RMM) and
BitDefender (Endpoint Security)

Anyone got any thoughts either way?

Anyone recommend a robust SMB-class router with a comprehensive Firewall, the
chops to handle our needs for 3-way WAN routing, (VoIP, Internet, and SaaS
provider site-to-site VPN - I know - it's a shit-show), VPN (Dial-In and
Site-to-Site), onto 2 subnets internally (one for VoIP and one for general
traffic) and all the usual features. Bonus points if it is available with a
VDSL/Annex A modem.

This is exhausting. I swear...

Thanks,
