Not sure where to put this and I hope someone here can help, currently our company is running a PFSense firewall in our data center on a Lenovo server with one ingress and one egress interface. We have a single gigabit connection at our data center in front of 4 hypervisors running around 20-30 hosts each. We're a hosted VoIP provider and all of our endpoints register back through this firewall to their respective hosts. We also have a backup data center with similar hardware, and the firewalls sync with each other daily. We also have some hosts backed up to AWS and GCE, so a firewall that can operate on a physical appliance, and seamlessly sync with the cloud would be a huge benefit.
I personally don't like the PFSense, the sync is on a cron schedule, we pay for yearly support but we really don't have anyone to call if the shit hits the fan, we don't have enough interfaces on the server to do redundant links on both the inbound and outbound ports. I just feel like this firewall is an incident waiting to happen.
That being said, what does everyone like to run in an enterprise environment? A friend of mine highly praised Palo Alto, and I was looking at the PA3020 though the price is at the high end of what we might be willing to spend, I was also recommended Fortinet as a cheaper alternative. I'm wondering if I should go with one of those, if there are other devices I should consider, or maybe if I should just stick with the PFSense since it can be reliable?
No comments:
Post a Comment