Tuesday, June 29, 2021

FortiGate vs pfSense

I'm currently running a medium business on pfSense. Been doing this for 5 years with zero issues. I have a decent budget now for security, so looking at seeing if it's money well spent going to an enterprise firewall. I currently have a 3rd party vendor with an appliance on-prem that has a port mirrored to my Internet VLAN to sniff any suspicious traffic. Also, my pfSense firewalls and AD servers send logs to the appliance (SIEM). I use DNS Redirector to filter DNS.

I'm using OpenVPN for 15 employees that connect and RDP into their computers.

I use Snort for IDS and auto blocking (scans, etc).

I don't use web content filtering since it doesn't work with HTTPS and I don't want to mess with certificates on all our devices.

I have failover with two WAN circuits. My primary connection is a 500Mbps fiber circuit. Backup is 20Mbps.

I have a pfSense VM for my main network, a pfSense VM for my Public WiFi network, and a pfSense VM for my secured WiFi network. I don't currently have WiFi on my main network, and will probably keep it this way for some time. So, a total of 3 pfSense VMs on my VMware cluster.

Would the FortiGate give me better virus/malware protection by filtering traffic with full L7 awareness?

How's the content filtering? Can it inspect HTTPS for ALL devices, with no SSL cert errors or configs?

Can it do VPN with MFA easily?

Could one FortiGate be a firewall for my 3 segregated networks? Separate DHCP server for each one? Or just use it on my primary office network and keep pfSense for the WiFi networks?

Any recommendation on which model would work well for our 500Mbps fiber circuit? I don't see us going to 1GbE for another 5 years. We just upgraded to 500M from 200M a year ago and don't use more than 50% of the pipe.

Any advice is appreciated as I mull over this big and expensive change. Not looking forward to learning a new device and working out all the issues, but also want to give us the best security.


