Posted by: Raj Perumal
CLI, Firewalls, gui, IDS, IPS
Hi folks! So as I’ve said before, not all network equipment is created equal. This includes firewalls. In my years of consulting I have had the pleasure of using countless hardware and software based firewall solutions. Everything seems to have it’s advantages and disadvantages for certain situations, and some firewalls are just horrible all around.
So the question you need to ask yourself, is does your firewall do everything you need? For example, there are some firewalls that will crush VoIP and refuse to pass the traffic properly even though they advertise they can. Or there will be some firewalls that will have a GUI or CLI but not implement it in the expected way making firewall administration a nightmare. Some block ports, but don’t do any advanced IPS or IDS.
So when you are buying a firewall, don’t just look at the security aspect of it. There is much more to a firewall than that. Also pay heed to the other features that will affect you everyday but that you just might not think about off the top of your head. Also just because a firewall has every feature under the sun, doesn’t make it a great idea to buy it. Sometimes it pays to seperate out features into different hardware appliances.
My point here is that everything is going to depend on your network needs. There isn’t one firewall that fits all. Do your due diligence and do that research before purchasing!