This document provides some resources on firewalls including terms, features to look for, and vendors.
Terms Not Defined Elsewhere
- Stateful Firewall – Inspects protocols.
- Next Generation Firewall – Inspections applications.
Vendors
- Astaro
- Check Point Software
- Cisco Systems
- Fortinet
- Juniper Networks
- McAfee
- Palo Alto Networks
- SonicWALL
Features to Look For
- VLAN Support – Ability to create VLAN’s to separate traffic.
- Ubiquiti UnFi Security Gateway – Supports.
- Meraki MX400 Security Appliance
- IPSec VPN Support – Allows remote clients to establish a VPN connection to the network.
- Meraki MX400 Security Appliance – Supports.
- Site-to-Site Virtual Private Network (VPN) Support – Ability to create a VPN between two sites.
- Ubiquiti UnFi Security Gateway – Supports.
- Meraki MX400 Security Appliance – Supports.
- Quality of Service (QoS) Support – Ability to prioritize some network traffic over other types of traffic.
- Ports – How many ports will you need incoming and outgoing? Of what type?
- Ubiquiti UniFi Security Gateway
- 2x 1Gb RJ45 ports, 2x 1Gb RJ45/SFP Combination Ports.
- 1x RJ45 Serial Port (Console).
- Meraki MX400
- 12x GbE.
- 8x GbE (SFP).
- 2x 10 GbE (SFP+).
- Layer 3 Forwarding Performance
- Ubiquiti UniFi Security Gateway
- Packet Size of 64 Bytes – 2,400,000 pps.
- Packet Size of 512 Bytes or Larger – 4 Gbps (Line Rate).
- Processors/Memory/Storage
- Ubiquiti Unifi Security Gateway
- Dual-Core 1 GHz, MIPS64 w/Hardware Acceleration for Packet Processing.
- 2 GB DDR3 RAM.
- 4 GB Flash Storage.
- Redundant Power
- 3G/4G Modem Support
- Recommended Maximum Clients
- Meraki MX400 Security Appliance – 2,000.
- Stateful Firewall Throughput
- Meraki MX400 Security Appliance – 1 Gbps.
- Advanced Security Throughput
- Maximum VPN Sessions
- Layer 7 Application Type Filtering – Ability to filter traffic at the application level – e.g., P2P, video games, etc.
- Meraki MX400 Security Appliance – Supports.
- Ubiquiti Unifi Security Gateway
- Content Filtering
- Meraki MX400 Security Appliance – Supports.
- Intrusion Prevention (IPS)
- Meraki MX400 Security Appliance – Uses PCI compliant IPS which utilizes SNORT Signature DB from Cisco Sourcefire.
- Antivirus / Antiphishing
- Meraki MX400 Security Appliance – Uses Kaspersky.
- Identity Based Security Policies and Application Management
- Meraki MX400 Security Appliance – Supports.
- Branch Gateway Services
- Web Caching – Cache frequently accessed content.
- Load Balancing – Combines multiple ISP links into a single high speed source.
- Warranty
Comparisons
Further Resources