CertForums.com IT Certification Forum Homepage
Page 1 of 2 12 LastLast
Results 1 to 15 of 17

Spec me a small business VPN router

You are viewing a topic in the Networks forum part of the Computing Support Forums category.

  • Share:
  1. #1
    Gigabyte Poster Beerbaron's Avatar
    Posts
    529
    Join Date
    04 Aug 2007
    Country
    England Country Flag
    Liked
    16 times
    Rep Power
    9

    Post Spec me a small business VPN router

    Hi,

    I am looking for a new router for one of our small offices. The features I'm after are:


    • 10/100/1000 WAN

    • VPN (for remote users). VPN access must support MAC OS if it requires software

    • Needs to support ~30 users for remote user VPN

    • If possible can be rack mounted but its not too important

    • Ideally something small business in cost/configuration



    Any recommendations?

    Thanks.

    - - - Updated - - -

    I've just come across these. Generally not a huge fan of D-Link stuff by these seem to tick most boxes:

    D-Link UK | DSR-1000N Wireless N Dual Band Unified Service Router

    D-Link | DSR-500 Unified Services Router w/ WAN Failover

  2. Posts
    666
    Join Date
    6 June 2003
    Location
    Somewhere in Germany
     

  3. #2
    Megabyte Poster BraderzTheDog's Avatar
    Posts
    272
    Join Date
    17 Jan 2012
    Country
    UK Country Flag
    Age
    20
    Liked
    26 times
    Rep Power
    3
    Depends what you want you want in terms of features but here are a few.

    High end: Checkpoint - either hardware appliance or can be installed on a virtual machine if you have spare blade servers lieing around.
    Positives - easy to administer, very good gui, smartview tracker is fantastic tool for debugging, software blades, application awareness, can be distributed (manager & fw)
    Negatives: - Licenses expensive, can be a pain to debug if you don't know linux

    Mid range - Juniper SSG's or SRX - Hardware only based appliance, alot cheaper than checkpoint - huge range from SSG5 to SSG550 to suit all business needs.
    Positives - good web based gui, cheap solution (can pick up an ssg20 for about 200), very solid platform, scalable & great vendor support
    Negatives - Doesn't do much in the way of layer 7, cli language is VERY bispoke at least on SSG (SRX platform is more like cisco).

    Low end - Cisco ASA 505 or Fortinet - Cheap solution can pick these up for about 300 - 400 new from vendor. Does what it says on the tin.
    Positives - Cheap, well known and easy to deploy, alot of documentation especially Cisco (if you have a problem someone else somewhere will have had the same).
    Negatives - Not much functionality other than a basic Firewall and VPN solution, this does mean less stuff to go wrong but still... Not a massively great product.

    All of the above are firewalls, all can route packets will do the major routing protocols OSPF / RIP / EIGRP / BGP. All will give the ability to setup site to site and remote access VPN. Good solid products, I wouldn't use a router from personal experience.

    Hope this helps.

  4. #3
    Gigabyte Poster GSteer's Avatar
    Posts
    587
    Join Date
    09 Apr 2010
    Location
    The Lake District
    Country
    England Country Flag
    Age
    32
    Liked
    16 times
    Rep Power
    12
    I don't classify D-Link as something I'd want running at any of my clients.

    We're a reseller and use them pretty much exclusively over here, they work well, no silly VPN licensing & an OSX client is available.

    You can do a unit comparison with their Product Matrix here: http://www.fortinet.com/sites/defaul...ductMatrix.pdf

    We're currently testing a Cyberoam unit we've been approached about which is also the SMB segment, better reporting and individual user blocking features but I'm still cautious as they are relatively unheard of or proven to us.

  5. #4
    Gigabyte Poster Beerbaron's Avatar
    Posts
    529
    Join Date
    04 Aug 2007
    Country
    England Country Flag
    Liked
    16 times
    Rep Power
    9
    Thanks for the info.

    Its not a client but one of our offices. Only really 3-4 users there plus a few servers so quite small. We are looking for something quick and easy to setup.

    - - - Updated - - -

    Quote Originally Posted by GSteer View Post
    I don't classify D-Link as something I'd want running at any of my clients.

    We're a reseller and use them pretty much exclusively over here, they work well, no silly VPN licensing & an OSX client is available.

    You can do a unit comparison with their Product Matrix here: http://www.fortinet.com/sites/defaul...ductMatrix.pdf

    We're currently testing a Cyberoam unit we've been approached about which is also the SMB segment, better reporting and individual user blocking features but I'm still cautious as they are relatively unheard of or proven to us.
    What would you recommend from that product matrix?

  6. #5
    Gigabyte Poster GSteer's Avatar
    Posts
    587
    Join Date
    09 Apr 2010
    Location
    The Lake District
    Country
    England Country Flag
    Age
    32
    Liked
    16 times
    Rep Power
    12
    Just to clarify:

    The sites only got 3-4 users and a couple of servers, but needs 30-40 VPN users that will connect ?

  7. #6
    Moderator Sparky's Avatar
    Posts
    9,940
    Join Date
    15 Dec 2005
    Location
    Scotland
    Liked
    61 times
    Rep Power
    98
    Quote Originally Posted by Beerbaron View Post
    • Needs to support ~30 users for remote user VPN
    How many are going to be connected at the same time mate?

  8. #7
    Gigabyte Poster Beerbaron's Avatar
    Posts
    529
    Join Date
    04 Aug 2007
    Country
    England Country Flag
    Liked
    16 times
    Rep Power
    9
    there are only a few staff that work at the office. there are a couple of servers that people connect to when they are out and about working at clients/other offices. the current router has the option to add 32 VPN users which is full, although i doubt they are all used. all 32 wont connect at the same. there isnt the option to add more 32 users with it limited to 32 at the same time.

  9. #8
    Gigabyte Poster GSteer's Avatar
    Posts
    587
    Join Date
    09 Apr 2010
    Location
    The Lake District
    Country
    England Country Flag
    Age
    32
    Liked
    16 times
    Rep Power
    12
    Ahh.

    Well with the Fortigates (and most other brands of similar level) you can do LDAP passthrough to your AD, so no need for different credentials and no limits.

    So would 5-10 be connecting concurrently then ?

  10. #9
    Gigabyte Poster Beerbaron's Avatar
    Posts
    529
    Join Date
    04 Aug 2007
    Country
    England Country Flag
    Liked
    16 times
    Rep Power
    9
    no ad as its all mac with local accounts

  11. #10
    Gigabyte Poster GSteer's Avatar
    Posts
    587
    Join Date
    09 Apr 2010
    Location
    The Lake District
    Country
    England Country Flag
    Age
    32
    Liked
    16 times
    Rep Power
    12
    Looks like you could get away with a Fortigate 40C, but I'd suggest a 60. This is mainly as I've not had experience with the 40's as we don't use lower than the 60's ourselves.

    You do get faster throughputs on the VPNs with the 60's/80's. Also depends on the cost of them in the UK. There are wifi varients of those models too if that

    As an example we generally spec 60's for offices of around 10-25 people then move up to the 80's.

    User Maximums:

    Ok, so as per the latest firmware OS 5 it looks like all the desktop models with model numbers < 100 can have up to 500 local users.

    Source: http://docs.fortinet.com/fgt/handboo...-values-50.pdf

    More specific values for pre OS 5 can be seen at this link, which indicates anything greater than the 50 models have up to 100 local users available.

    Source: http://docs.fortinet.com/fgt/handboo...ues-40-mr3.pdf

  12. #11
    Moderator Sparky's Avatar
    Posts
    9,940
    Join Date
    15 Dec 2005
    Location
    Scotland
    Liked
    61 times
    Rep Power
    98
    If you want the correct product you need to work out how many remote workers are going to be connected at the same time (roughly).

    What Firewall products do you use at other sites?

  13. #12
    Gigabyte Poster Beerbaron's Avatar
    Posts
    529
    Join Date
    04 Aug 2007
    Country
    England Country Flag
    Liked
    16 times
    Rep Power
    9
    I would guess at about 10 users. the current firewall used is the one on the Draytek router.

  14. #13
    Moderator Sparky's Avatar
    Posts
    9,940
    Join Date
    15 Dec 2005
    Location
    Scotland
    Liked
    61 times
    Rep Power
    98
    Quote Originally Posted by Beerbaron View Post
    I would guess at about 10 users. the current firewall used is the one on the Draytek router.
    A couple of options mate.

    TZ 210 Network Security Appliance Series - Dell SonicWALL, Inc.

    NSA 220 Network Security Appliance Series - Dell SonicWALL, Inc.

    10 connections at one time is high - are the people connecting always remote workers?

  15. #14
    Gigabyte Poster GSteer's Avatar
    Posts
    587
    Join Date
    09 Apr 2010
    Location
    The Lake District
    Country
    England Country Flag
    Age
    32
    Liked
    16 times
    Rep Power
    12
    Sonicwalls...nooo, run.

    Personal preference but I really dislike their interfaces and charging a license per VPN client.

  16. #15
    Moderator Sparky's Avatar
    Posts
    9,940
    Join Date
    15 Dec 2005
    Location
    Scotland
    Liked
    61 times
    Rep Power
    98
    Quote Originally Posted by GSteer View Post
    Sonicwalls...nooo, run.

    Personal preference but I really dislike their interfaces and charging a license per VPN client.
    Eh? You mad?

    Interface is easy and the VPN licensing depends on whether its SSL or the standard Global VPN client.

    Much cheaper than Cisco etc. and you get enterprise features. Granted its more expensive that Drayteks etc. but you don’t get the security with Drayteks.

Page 1 of 2 12 LastLast

Similar Threads

  1. Best route for small business IT guy?
    By rob29london in forum General Microsoft Certifications
    Replies: 4
    Last Post: 24-Apr-2012, 01:42 PM
  2. What OS to Run on a Small Business Server?
    By Xinapse in forum Networks
    Replies: 8
    Last Post: 30-Jan-2011, 10:40 AM
  3. Small Business Server Anyone??
    By zimbo in forum SBS
    Replies: 38
    Last Post: 12-Jun-2008, 06:25 PM
  4. Small Business Specialist
    By madman045 in forum SBS
    Replies: 2
    Last Post: 03-Oct-2006, 03:14 PM
  5. What do most small business....
    By Boycie in forum Networks
    Replies: 5
    Last Post: 15-Nov-2005, 10:08 PM