Wednesday, January 30, 2019

Perimeter firewalls and rapidly increasing internet bandwidth on offer from ISPs- how are you handling this?

I work for a VAR / MSP in the SMB / SME space. Over the past year or so we have seen some big jumps in bandwidth on offer from ISPs to our clients. The old average for our area used to be 25-50 Mbps for smaller shops, but now we're seeing 100 at a minimum in most cases, up to 400. Nearly all of these networks are designed with perimeter firewalls handling most if not all of their routing, VPNs, etc. The price difference between an NGFW that can do 50Mbps and 400Mbps is substantial (at least in re: to most businesses of this size).

The best I've really got right now is the very honest answer of, "It comes down to whether you want more bandwidth or more security based on your budget", i.e. we can deliver 400Mbps on your budget if you don't run IPS anymore (or similar). This can be a bit of a tough discussion because most clients assume that more bandwidth is always the answer, and while I don't disagree with them it doesn't always align with their other requests. Even if they never utilize that actual amount of bandwidth, if they happen to run a speedtest and see lower they assume something is wrong.

In a meeting with our primary NGFW vendor, they said they're experiencing the same growth issue where mom and pop shops are getting 1Gb fiber circuits and if they want to make use of that full pipe they're going to need a very expensive perimeter unit, and that's just not going to happen.

So, who has been dealing with this and what was your solution overall?



No comments:

Post a Comment