Sunday, September 13, 2020

Are There any Good Firewall Vendors at All?

Hi everyone!

I work at an MSP that also does quite a lot of consulting work in Germany. The ASA firewalls in our core network where we do our MSP business are due for replacement and while evaluating different vendors we became unsure which firewalls to choose.

We currently use ASA firewalls as our core firewalls, and we also run some Fortigate firewalls for VPN stuff. Most of our customers are either using Cisco ASA, the new Cisco FTD or Fortigates. We are currently leaning towards FTD with FMC because we have a long history with Cisco products, it's what we've got the most experience with and it's what most of our customers use. However, we have encountered major issues with FTD firewalls, so we are not entirely confident going with them for our network. Missing features, instability and bugs are the main headaches we have experienced.

We aren't entirely satisfied with our Fortigates either. Maybe it's because of inexperience, but simple things like troubleshooting access rules are very complicated and tedious without the ASA "packet trace" and live logging features, which I have not been able to find in Fortigate.

We also have lots of customers that use Meraki but their firewalls, while easy to manage, aren't exactly a good fit for our use case.

So what are our other options? Checkpoint? Palo Alto? We have no experience with either of those products, and they seem rather expensive as well. I am not sure what the learning curve is on those devices. Cisco can provide us with rather steep price cuts as well which will probably make Palo and Checkpoint a lot more expensive.

pfSense and tnsr seem interesting but I am not sure if their support stacks up to Cisco's TAC.

What firewalls do you all use and are you happy with them? If you could switch, which vendor would you go with?


