Forum Thread

Looking to buy small business firewall appliances.

vbrookie 814 67 February 17, 2016 at 03:07 PM
I am looking for small business firewall appliance.

I had been using IPCOP then Smoothwall but I think about time for us to move on.
We have about 20 wired stations now and wireless could be anywhere between 5 to 15 any given time. So with I would like to say about 50 clients would be great. As a small business owner I have not that much time or budget to hire someone to look over this and pay per clients, so I would prefer something that is simple to set up and easy to manage.

What I need is strong content filtering and restrict stations going to websites, use proxies like ultrasurf and use applications and allow certain websites and applications.

I had set up budget about less then $1000 for this but I have no idea which appliance to get.

12 Comments

1

Sign up for a Slickdeals account to remove this ad.

#2
I'm mainly familiar with the WatchGuard line of UTM firewall products. The level of control is astounding, but I wouldn't call it simple to set up. Frown There are so many functions and settings that it can be overwhelming at first. There is also a yearly subscription fee to pay for the anti-virus, surf control, auto-blocking of known bad sites, etc.

I use them to keep the bad guys out of doctors offices AND to keep the staff from visiting sites that aren't work related. The staff HATES it, but they get more work accomplished. Wink I basically block the entire internet, then whitelist the sites that are needed for business use. They haven't had a single virus or malware or unwanted toolbar show up on their systems in 5 years now.

They also have VPN servers built in, so you can securely connect to the office net from anywhere. Have more than one office? You can also setup Branch Office VPN's that will keep the office networks connected to each other 24x7 via the internet.

I would suggest contacting them to find out which model will work best for your particular needs. They'll ask the right questions to help you select the right one.
Reply Helpful Comment? 0 0
#3
Jawdrop I agree with HarryH3, Good job! Stick Out Tongue
Reply Helpful Comment? 0 0
Earth 1st! We'll mine the other planets later. Biker

Did you know?

If it can't be grown its gotta be mined
EEK!

The best meal I ever ate was Spotted Owl fried in Exxon Oil! Yumshake head

Expand your horizons. Explore something new. Get a RasberryPi and learn something.
Joined Jul 2009
L5: Journeyman
814 Posts
67 Reputation
Original Poster
#4
Quote from HarryH3 View Post :
I use them to keep the bad guys out of doctors offices AND to keep the staff from visiting sites that aren't work related. The staff HATES it, but they get more work accomplished. Wink I basically block the entire internet, then whitelist the sites that are needed for business use. They haven't had a single virus or malware or unwanted toolbar show up on their systems in 5 years now.
This is what I want to do exactly. We only have to connect to few websites and Citrix apps, if I would like to block everything else. I had worked on Smoothwall and it worked at one point but after update few months ago they have found a way and I see that many staff are using guest, wifi or I have found a abandoned router secretly hidden to connect and I would really like to block everything. All their "work" is slowing our network down and I would like more productivity from our workers.

I would look in to Checkpoint.

Thanks,
Reply Helpful Comment? 0 0
#5
Quote from vbrookie View Post :
This is what I want to do exactly. We only have to connect to few websites and Citrix apps, if I would like to block everything else. I had worked on Smoothwall and it worked at one point but after update few months ago they have found a way and I see that many staff are using guest, wifi or I have found a abandoned router secretly hidden to connect and I would really like to block everything. All their "work" is slowing our network down and I would like more productivity from our workers.

I would look in to Checkpoint.

Thanks,
You could blacklist their wireless devices from accessing the guest wifi. Smilie But really, it sounds to me like you have some HR problems with your workers. When the boss lets it be known that such behavior can result in unemployment, that use should drop tremendously.
Reply Helpful Comment? 0 0
Joined Aug 2005
L10: Grand Master
12,661 Posts
4,824 Reputation
Pro
#6
With 50 clients your probably above the typical Small business device. Is the $1000 budget for just hardware or maintenance and licenses too?
Reply Helpful Comment? 0 0
Vague questions receive vague answers . . . . . .
Joined Jul 2009
L5: Journeyman
814 Posts
67 Reputation
Original Poster
#7
Quote from LiquidRetro View Post :
With 50 clients your probably above the typical Small business device. Is the $1000 budget for just hardware or maintenance and licenses too?
I would like to think ahead. We may not reach that number this year or next but we will eventually get there (hopefully) .

I pulled $1000 budget out of my head but I would set that just for hardware for now, I would love to have minimal maintenance and license fees if possible. If I have to pay little more up front to block every sties and white list couple of customer's sites and ability to login to our customer's Citrix Receiver receive/send email on 10 out of 20 of stations that we have and manage wifi connections on one appliances, I will be happy.
Reply Helpful Comment? 0 0
Joined Jul 2009
L5: Journeyman
814 Posts
67 Reputation
Original Poster
#8
Quote from HarryH3 View Post :
You could blacklist their wireless devices from accessing the guest wifi. Smilie But really, it sounds to me like you have some HR problems with your workers. When the boss lets it be known that such behavior can result in unemployment, that use should drop tremendously.
It only takes one or two bad apples. One day everything was fine but something went wrong and I am suspecting people are downloading torrents on their cell devices. Especially manual workers had no business to connect to wifi at work but I am seeing them watching movies on their phones on their breaks not just Youtube videos . We used to get about 1-2 charging request per week in our office and now there's at least three charging all the time. Killing a wifi access point won't do because our customers requested us to connect to wifi and there's at least one person here every other day.
Reply Helpful Comment? 0 0

Sign up for a Slickdeals account to remove this ad.

Joined Jun 2005
Let Sleeping Dogs Lie
5,842 Posts
2,384 Reputation
Pro
#9
I used to use an Iprism from st Bernard they are now edge wave
http://www.edgewave.com/products/

they offer a free 30 day trial so you can see how it works, you should lock down the IPs of the workstations and don't allow the users to change them or do an ipconfig Smilie

http://landing.edgewave.com/Evalu...bsite.html
Reply Helpful Comment? 0 0
#10
Quote from vbrookie View Post :
It only takes one or two bad apples. One day everything was fine but something went wrong and I am suspecting people are downloading torrents on their cell devices. Especially manual workers had no business to connect to wifi at work but I am seeing them watching movies on their phones on their breaks not just Youtube videos . We used to get about 1-2 charging request per week in our office and now there's at least three charging all the time. Killing a wifi access point won't do because our customers requested us to connect to wifi and there's at least one person here every other day.
Part of what you need might be a managed switch not just a firewall appliance. Another option is to heavily limit bandwidth using QoS settings.

Regarding the firewall, you should probably care more about it's role in your overall network security than simply controlling your employees.

Watching a video on their phones doesn't mean they're using your network. They could have a generous data plan or could have transferred the video to the phone's memory/sd card.

I don't quite understand what you mean by charging requests... I'm guessing people want to leave their phones in your office to charge or something.

You should separate your guest network from the rest of your network. Don't allow employees to connect their devices to the private non-guest network. Don't allow vpn connections or proxy bypass and and then either QoS to dial up speeds or ban devices that show up on your guest wifi day after day. If you have to you could go as far as setting up a RADIUS server for your private network including all wired devices.
Reply Helpful Comment? 0 0
Last edited by jkee February 18, 2016 at 04:04 PM
Joined Dec 2008
L10: Grand Master
6,316 Posts
1,470 Reputation
#11
I use watchguard also. I agree, 50 users is closer more in the SMB space than small business space. I have both small office watchguards and the larger 8 series for the main office. Small offices i have are no more than 20 users. Most are far less. My main HQ i have about 140 users and 4 of the devices. (2 networks both with failover firewalls). Watchguard is great for the money, but you might be on the cheap side of what you need to spend.
Reply Helpful Comment? 0 0
#12
Reply Helpful Comment? 0 0
Joined Nov 2010
L1: Coupon Noob
2,487 Posts
1,533 Reputation
#13
Quote from vbrookie View Post :
It only takes one or two bad apples. One day everything was fine but something went wrong and I am suspecting people are downloading torrents on their cell devices. Especially manual workers had no business to connect to wifi at work but I am seeing them watching movies on their phones on their breaks not just Youtube videos . We used to get about 1-2 charging request per week in our office and now there's at least three charging all the time. Killing a wifi access point won't do because our customers requested us to connect to wifi and there's at least one person here every other day.
Password the Guest Wifi, making it inaccessible for most and securing wifi for your guests.
Let them know it's for their protection as users can still sniff packets if it's open.
Reply Helpful Comment? 0 0
Page 1 of 1
1
Join the Conversation
Add a Comment
 
Copyright 1999 - 2016. Slickdeals, LLC. All Rights Reserved. Copyright / Infringement Policy  •  Privacy Policy  •  Terms of Service  •  Acceptable Use Policy (Rules)  •  Interest-Based Ads
Link Copied to Clipboard