Hi
I have a server in colo that I use for backups and very occasionally
serving up a test site for a client. It is public facing to a switch
with 100mbps bandwidth (burstable). I need to install a firewall
without breaking the bank and was considering the Zywall 5. Does
anybody know if it will be powerful enough? Or should I be looking at
something like the Watchguard X500. I'm kinda confused.
Many thanks!
iVoltage wrote:
> Hi
>
> I have a server in colo that I use for backups and very occasionally
> serving up a test site for a client. It is public facing to a switch
> with 100mbps bandwidth (burstable). I need to install a firewall without
> breaking the bank and was considering the Zywall 5. Does anybody know if
> it will be powerful enough? Or should I be looking at something like the
> Watchguard X500. I'm kinda confused.
>
> Many thanks!
>
As the Zywall 5 is rated for a business of up to 30 users, using it on a
single server with one external user shouldn't be a problem. The only
thing I'd mention is that its throughput is limited to 40Mbps. You would
need a Zywall 70 to get 100Mbps but it sounds as if you don't get
anywhere near that.
Post removed (X-No-Archive: yes)
You may wish to investigate the Refurbished Cisco PIX Firewall Guide:
http://www.bradreese.com/refurbished-cisco-pix-firewalls.htm
Sincerely,
Brad Reese
BradReese.Com - Cisco eBay Repair Service
http://www.bradreese.com/ebay-cisco-repair.htm
1293 Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
USA & Canada: 877-549-2680
International: 828-277-7272
Fax: 775-254-3558
AIM: R2MGrant
BradReese.Com - Cisco Power Supply Headquarters
http://www.bradreese.com/cisco-power-supply-inventory.htm
Leythos wrote:
> In article
> cassiusbrown@yahoo.com says...
>
>>Hi
>>
>>I have a server in colo that I use for backups and very occasionally
>>serving up a test site for a client. It is public facing to a switch
>>with 100mbps bandwidth (burstable). I need to install a firewall
>>without breaking the bank and was considering the Zywall 5. Does
>>anybody know if it will be powerful enough? Or should I be looking at
>>something like the Watchguard X500. I'm kinda confused.
>
>
> Look at the throughput on the different models, you need to find
> something that states 100mbps or higher. WatchGuard is a good line, I
> don't like Zywall because of their lack of support.
>
What lack of support? Zyxel is fine here in the UK - I call the support
line and someone answers within a few seconds and knows what they are
talking about. They don't require expensive support contracts to get
firmware updates and they don't charge per user licenses. All these
reasons are why we moved away from Watchguard to Zyxel in the first place.
Post removed (X-No-Archive: yes)
Leythos wrote:
> In article
> spam@example.com says...
>
>>Leythos wrote:
>>
>>>In article
>>>cassiusbrown@yahoo.com says...
>>>
>>>
>>>>Hi
>>>>
>>>>I have a server in colo that I use for backups and very occasionally
>>>>serving up a test site for a client. It is public facing to a switch
>>>>with 100mbps bandwidth (burstable). I need to install a firewall
>>>>without breaking the bank and was considering the Zywall 5. Does
>>>>anybody know if it will be powerful enough? Or should I be looking at
>>>>something like the Watchguard X500. I'm kinda confused.
>>>
>>>
>>>Look at the throughput on the different models, you need to find
>>>something that states 100mbps or higher. WatchGuard is a good line, I
>>>don't like Zywall because of their lack of support.
>>>
>>
>>What lack of support? Zyxel is fine here in the UK - I call the support
>>line and someone answers within a few seconds and knows what they are
>>talking about. They don't require expensive support contracts to get
>>firmware updates and they don't charge per user licenses. All these
>>reasons are why we moved away from Watchguard to Zyxel in the first place.
>
>
> Strange, I called and could not get through to a human, only sales, and
> I don't consider sales people to be human :)
Some of the guys here have been on the courses run by Zyxel UK and have
direct numbers for the support guys who are very helpful. So I supose
that helps!
>
> It took them 8 calls and emails to get a reply about a simple VPN option
> that I needed to know if they supported, and in the end, all they said
> was read the manual. I had already downloaded the manual and it didn't
> cover the question, and their support people seemed to lack the basics.
>
> I could not even get an answer to "Does the device support multiple
> public IP addresses NAT'ed to multiple LAN addresses by port, or does it
> require that a IP be mapped to an IP instead of a IP:Port mapped to an
> IP:Port".
As I understand it, the answer is yes to all those questions
>
> I was considering their products for a small, 10 office location, but
> they could not provide basic Branch Office VPN answers during the
> evaluation phase, so I gave up on them.
Setting up a branch VPN is soooooo simple. Even got them working to
Cisco kit. We had no control over the Cisco stuff, we were just told to
"Use these settings". Plugged them in, fired up, been working perfectly
ever since. Its all pretty standard stuff.
Post removed (X-No-Archive: yes)
Leythos wrote:
> In article
> says...
>
>>Leythos wrote:
>>
>>>In article
>>>spam@example.com says...
>>>
>>>
>>>>Leythos wrote:
>>>>
>>>>
>>>>>In article
>>>>>cassiusbrown@yahoo.com says...
>>>>>
>>>>>
>>>>>
>>>>>>Hi
>>>>>>
>>>>>>I have a server in colo that I use for backups and very occasionally
>>>>>>serving up a test site for a client. It is public facing to a switch
>>>>>>with 100mbps bandwidth (burstable). I need to install a firewall
>>>>>>without breaking the bank and was considering the Zywall 5. Does
>>>>>>anybody know if it will be powerful enough? Or should I be looking at
>>>>>>something like the Watchguard X500. I'm kinda confused.
>>>>>
>>>>>
>>>>>Look at the throughput on the different models, you need to find
>>>>>something that states 100mbps or higher. WatchGuard is a good line, I
>>>>>don't like Zywall because of their lack of support.
>>>>>
>>>>
>>>>What lack of support? Zyxel is fine here in the UK - I call the support
>>>>line and someone answers within a few seconds and knows what they are
>>>>talking about. They don't require expensive support contracts to get
>>>>firmware updates and they don't charge per user licenses. All these
>>>>reasons are why we moved away from Watchguard to Zyxel in the first place.
>>>
>>>
>>>Strange, I called and could not get through to a human, only sales, and
>>>I don't consider sales people to be human :)
>>
>>Some of the guys here have been on the courses run by Zyxel UK and have
>>direct numbers for the support guys who are very helpful. So I supose
>>that helps!
>>
>>
>>>It took them 8 calls and emails to get a reply about a simple VPN option
>>>that I needed to know if they supported, and in the end, all they said
>>>was read the manual. I had already downloaded the manual and it didn't
>>>cover the question, and their support people seemed to lack the basics.
>>>
>>>I could not even get an answer to "Does the device support multiple
>>>public IP addresses NAT'ed to multiple LAN addresses by port, or does it
>>>require that a IP be mapped to an IP instead of a IP:Port mapped to an
>>>IP:Port".
>>
>>As I understand it, the answer is yes to all those questions
>>
>>
>>>I was considering their products for a small, 10 office location, but
>>>they could not provide basic Branch Office VPN answers during the
>>>evaluation phase, so I gave up on them.
>>
>>Setting up a branch VPN is soooooo simple. Even got them working to
>>Cisco kit. We had no control over the Cisco stuff, we were just told to
>>"Use these settings". Plugged them in, fired up, been working perfectly
>>ever since. Its all pretty standard stuff.
>
>
> Most firewalls work well with CISCO, it's like the vendors do their best
> to make sure that they can connect with them above all others.
>
> My overall impression of Zyxel has been that of a small startup that
Hardly. They have been building kit which Netgear and others have been
rebadging for years.
Post removed (X-No-Archive: yes)
On 2006-10-09 17:01:22 +0100, iVoltage
> Hi
>
> I have a server in colo that I use for backups and very occasionally
> serving up a test site for a client. It is public facing to a switch
> with 100mbps bandwidth (burstable). I need to install a firewall
> without breaking the bank and was considering the Zywall 5. Does
> anybody know if it will be powerful enough? Or should I be looking at
> something like the Watchguard X500. I'm kinda confused.
>
> Many thanks!
Thanks for all the advice! I've just checked on the Watchguard prices
and they are a world apart from Zyxel. I guess you get what you pay
for. I don't like the Watchguard Forever subscription policy, at all.
The most throughput I would require is my upload speed, 448kb, and that
of my nephew for his site. The rest would be free to deal with constant
pounding on Port 22. I can always use the Z5 at home when it proves
inadequate to my needs. Does anyone know if it will need to be UTM?
I am messing around with an old HP running Astaro at the moment. Once I
am confident with managing it, I was hoping to build my own 1u,
half-width, Celeron-powered ASL box. That way, there would be enough
rom for a half-width, mini-atx log sever as well. I'm also looking at a
Cisco Pix. They seem to be revered in many quarters.
Of course, I could throw caution to the wind and buy a WRAP box and
install M0n0wall on it. I have a week to learn before I'm due down at
the colo centre.
Thanks again, everyone!