[Chugalug] OT: Favorite Enterprise Firewalls?

Mike Harrison cluon at geeklabs.com
Wed Apr 17 15:20:53 UTC 2013

> I've heard good things about Sonicwall and Palo Alto firewalls, though I haven't had much experience with them..

My limited experience with older Sonicwalls was/is (they are still 
there...) pretty bad. They have weird ideas of what is allowed, and what 
they block and a crappy interface.

I just reflashed a pfSense box with the latest version, I was impressed.
On apropos hardware and sane expectations I think it's a serious 
contender. And you can buy several spare complete units for the price of 
other systems. They are limited for fringe features, unless you want to 
get nitty gritty with the CLI.

And remember, some of the fringe features (nat before...) are workarounds 
for bad overall network design, lazy admins and incompatible networks that 
can't be tweaked.

