Do you use a hardware firewall in your organization?
The question itself is: Do you use a hardware firewall in your organization? What vendor? How big is the organization? Identified pros and cons.
And most importantly: does it make sense to replace MS TMG with some kind of hardware solution?
Of course yes.
Cisco.
Decent size (a few thousand employees).
Yes, no cons. Works stably.
TMG is already end of life. That alone is a reason to replace it with something soon. Nothing can be said about other reasons, because you did not state your requirements.
Juniper SRX
www.juniper.net/ru/ru/products-services/security/srx-series/
Can do VPN/IPS/UTM/antivirus
Interestingly, almost all organizations that are connected to the Internet through one hardware router or another automatically use the firewall built into it. As do most home users, for that matter.
Any vendor has models for almost any requirement. At one time I had a chance to operate the DFL-200; it was difficult to get started with because I was not used to it, but then everything became fine, and there were no complaints about stability. It all depends on the needs and size of the connected organization. If I understand correctly, TMG will be quite difficult to replace if it is deeply integrated into AD. For example, the same DFL is completely unable to communicate with AD, i.e. a single user management console involving it will not work.
Perhaps there are some models that get along better with Windows. But I believe that a hardware firewall should be used to control traffic no higher than the TCP/IP level. All other access rights and application-level proxies should be handed over to software that runs on a server.
Our enterprise uses Cisco ASA.
Which is clearly controlled by people from the SBU
For such a task (FW + IPS + VPN + AV + WEB-Filter), any UTM solution will do. Check Point, Stonesoft, Fortinet, Palo Alto, WatchGuard, thousands of them.
Based on my work experience, I recommend Stonesoft, though on price, for such small implementations, it will not be the best option. But as for functionality and ease of management, it is unrivaled, in my opinion.
I use the Cisco hardware firewall as a base and for the URL I use the TMG web proxy.
True, I don't really like how it works with HTTPS traffic, but I found a partial solution: so4net.com/index.php/ru/blog/89-firewall-forefront...