What is a good firewall appliance for 200 users?

1725 pts.
Firewall appliances
Looking for a good firewall appliance for around 200 users at my company.

Answer Wiki

Thanks. We'll let you know when a new response is added.

Nice can of worms to open 😉

I will put on my flameproof underwear, and have a go at answering this one.

Everyone has their favorite, and essentially they all do the same job. Some are a bit easier to configure, some provide a bit better protection, some are less likely to be compromised, and some have better support and bug fixes.

For my money, I would go with the Cisco ASA 5505 with the unlimited licence (it comes in a 10, 50 and unlimited version). Then you have a very good firewall, it can also provide you with some VPN capability (SSL and IPSEC, and the 3DES/AES upgrade is free), so you can work from home and still access the company network, and Cisco are quick to get out fixes for most security vulnerabilites that may arise. It also has the possibility of hardware module in the future that will provide additional functionality. It is not the most straight forward to configure if you need to do anything fancy, but this forum can help you there, and there are loads of engineers you can hire for the day to configure whatever you need. For the basics, it virtually works straight out of the box.

The support on the Cisco website is second to none. I have worked with Juniper also, and while their boxes are good for the money, the support is not so good, and the website is near impossible to find anything.

Hey ! The bottom line is that you will get as many suggestions here as there are firewalls, and you just end up choosing one of them. What ever you choose, is probably better than not choosing any of them. Work out how much money you can afford, and spend it.

Good Luck !


I would recommend you look at the Netscreen firewalls which has all the same functionalities as Cisco and Checkpoint. Netscreen gives you the capabilities of the “VPN, SSL-VPN, IPS, Content Filtering”. All these features as becomes what’s known in the industry as UTM “United Threat Management”. Basically it’s alot of functions of multiple single-purpose appliances into a single “box”.

Discuss This Question: 6  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Stiltner
    What is a good firewall for under or around XXX-XXXXXX dollars would have been a better question. You have to give us some kind of range you're looking for to spend. What are your goals with the firewall? keep people out? Restrict people internally, broaden your question and I think you'll get a more direct answer / solution. Blank gave you a wonderful catch all response, but I think you can get more information out of everyone by passing us a bit more information. With that suggestion, it really depends upon your or your administrators skill levels. What are you familar with? Because using something you know ahead of time will eliminate two things, learning curve, and implementation schedule. I'm just as inclined to recommend a Linux based, roll your own firewall, as I am to recommend you a vendor supplied piece of hardware, as outside of user # (which in reality for a firewall is almost irrelevent, at least so far down on the list compared to what you need it to do). There's too many variables still needed to give you a more sensible answer from anyone. Unless you want a salesman to pitch his product to you, and I don't think any of us are that, and are interested in doing that.
    205 pointsBadges:
  • Kevin Beaver
    Many of my clients swear by their Cisco ASAs. But I also have clients who love their Watchguards, SonicWalls, and Jupiter/Netscreens. One of the biggest deciding factors should be how comfortable you are with the firewall's interface so try to check that out first.
    27,515 pointsBadges:
  • SpyMoose
    I loves me some SonicWALL. Out of all of the firewalls I've seen the SonicWALL has the simplistic interface that I can troubleshoot at 4a.m. with my eyes burning. A few of the applications that I like from the SonicWALL are: SSLVPN for remote connections, Load Balancing, and the absolute life saver is the High Availability option. The reports it sends out are easy to troubleshoot. I'm a little disappointed that I was not working here when it was configured but that's why the user manual goes with me every where I am for a quick read between classes.
    625 pointsBadges:
  • Schmidtw
    In the past, my company has used Watchdog Firewalls. Moderately priced, good functionality...bad support. A while ago, we upgraded too a Netgear ProSafe VPN Firewall model FVX538. Another moderately priced device. The configurations have been easy and effective. It just works great! -Schmidtw
    11,330 pointsBadges:
  • Sonotsky
    We went with Nokia IP350s. Our network admin apparently came into the organization with an "in" to a vendor that gave us an awesome price. For VPN, we have an old (but reliable) pair of Nortel Contivity 1740s that do the job quite nicely. With TunnelGuard on it's pretty much bulletproof.
    695 pointsBadges:
  • Manliz2000
    ASA 5505's are brilliant bits of kit : ) Front end GUI makes it much easier to manage, and you've got the capacity to expand if/when needed!
    275 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: