On Thu, Jun 30, 2011 at 8:50 AM, Blake T. Pfankuch <bl...@pfankuch.me> wrote:
> Howdy,
> I am looking for something a little unique in a bit of a tough
> situation with some sticky requirements. First off, my requirements are a
> little weird and I can't bend them a whole lot due to stipulations being put
> on me. I am in need of a firewall appliance which can be run on VMware vSphere,
> with IPSEC support for multiple Phase 2 negotiations within a single Phase 1.
> I am also in need of something that can support VLAN interfaces on the LAN
> side, and ideally something with multi zoning so I can keep LAN side networks
> separate from each other without ridiculous firewall rules. Meaning build a zone
> for "Customer network 1" and it displays separately (ease of management and
> firewall config hopefully). I need a minimum of 10 "zones" on LAN side (/29
> or /30), and NAT support for LAN to WAN (to dedicate all outbound connections
> to a single IP from a specific zone), ideally something extremely scalable
> (100-200 zones). And here is the super fun part! I need something that is
> going to be web managed primarily as minions will be doing most of the day to
> day maintenance, or very simple CLI config. Willing to pay for something if
> need be, but looking for something that can easily handle 50-100mbit of
> throughput.
>
> Any Ideas?
>
> Thanks!
>
> Blake Pfankuch
>
I just moved most of my network over to Juniper SRX firewalls. They are pretty easy, but having a half-brained NOC guy make firewall changes is a bad idea either way.

--
Brent Jones
br...@servuhome.net