Internet firewall for a small office helps you protect your organization against advanced threats, configure and deploy the network security and see deep into what’s happening inside your network. Specifying the right appliance is dependent on a number of factors and involves developing a usage profile for the users and the network environment. For best results we recommend using the following some steps:
1. Identify the “Total User” Number:
Understand your environment like browsing behavior, application usage.
For 10 users: each user may have 1 PC or Laptop, and 1-2 mobile device like smartphone, tablet.
So the total user is from 20 to 30.
If the users are heavy surfing, frequently using media transfer, video, social network, you need to multiplied the total user with 1.5 or 2. So total user is maybe in range 30-50.
2. Specific throughput requirements
Depending on your environment there might be specific throughput requirements driving an adjustment of your first estimate the firewall.
The maximum available internet uplink capacity
- Maximum upload and download of internet link. Today FTTH line has the upload and download speed in 20-100Mbps.
- Number of internet link: if you have 2 or more internet link, the load balancing features is requirement, and the traffic will peak in high.
- Higher bandwidth, you need higher Internet firewall model.
3. The features and policy need for control the network
- Are you need Application control: control Facebook, Youtube, Download…?
- Are you need Intrusion Prevention System to protection your network?
- Do you have site-to-site VPN, how many sites?
- How much web traffic (Mbps and requests/s) is being generated – on average/at peak times?
- Are you need Advanced Threat Protection?
- How to authentication your users?
Using more features, you need more hardware performance.
4. Choose the firewall model
As average 10 users network, “total user” around 30, with full features you can enable, we suggest some firewall model:
4.1. Sophos UTM SG 115 Fullguard License – $831
SG 115 desktop firewall appliances offer an excellent price-to-performance ratio
Price based from Amazon: Sophos UTM SG 115 Security Appliance StandardProtect Bundle with 4 GE ports, FullGuard License, Standard 8×5 Support – 1 Year
4.2 Fortigate 60D Bundle – $680
Fortinet FortiGate-60D Security Appliance Bundle with 1 Year 8×5 Forticare and FortiGuard FG-60D-BDL
4.3 Sonicwall TZ500 Total Secure – $964
SonicWALL TZ500 Network Security/Firewall Appliance with TotalSecure 1 Yr 01-SSC-0445
Comparison table
desktop
desktop
desktop
Specification | Sophos SG 115 | Fortigate 60D | Sonicwall TZ500 |
Form Factor | Desktop | Desktop | Desktop |
Network Ports (GE) | 4 | 10 | 8 |
WiFi | optional with 802.11 a/b/g/n | option | option
802.11a/b/g/n/ac |
Storage (GB) | 320 | No | N/A |
RAM (GB) | 4 | N/A | 1 |
Firewall (Mbps) | 2,300 | 1,500 | 1,400 |
VPN (Mbps) | 425 | 1,000 – IPSec VPN
30 – SSL VPN |
1,000 |
IPS (Mbps) | 500 | 1,000 | 1,000 |
AV-proxy (Mbps) | 120 | 35 | 400 |
Connection limit | 1,000,000 | 500,000 | 125,000 |
New sessions/sec | 20,000 | 4,000 | 8,000 |
Price (hardware + full license) | $ 831 – Check it | $680 – Check it | $964 – Check it |
Leave a Reply