4 Replies Latest reply on Dec 8, 2010 9:38 AM by rugby

    What is a good replacement for the SG310 UTM which as gone EOL??

      We use these regularly and they are perfect for our application where we allow limited internet access and create an IPSEC tunnel for a VPN to our home office. These are easy to set up and very reliable. I have played with some Netgear stuff (which is unfathomable) and some Cyberoam stuff (which was released with really immature firmware).

       

      I'm looking for a simple to set up and reliable replacement for the SG310 with IPSec and PPTP connections available. Easy enough for a field tech to set up without going to training class!

       

      Any help would be appreciated.

        • 1. Re: What is a good replacement for the SG310 UTM which as gone EOL??
          PhilM

          Not sure about PPTP support, but you might want to consider the SonicWALL TZ series.

           

          If these Firewalls do happen to lack PPTP, they make up for it by having L2TP support and a rather nice little SSL VPN service. Configure a 'portal' and enable, connect to portal IP address using a web browser, download "NetExtender" client which then installs itself and sits in the system tray. From then on you fire-up the client whenever required and connect over TCP port 443 (which means roaming users are unlikely to encounter restrictions in hotels and other public hot spots) and away you go. The SSL connections are terminated in their own security zones, so you can control access using Firewall rules, if you wish.

           

          We primarily sell the higher end Sidewinder/Firewall Enterprise appliances and found the SnapGears to be very useful for remote office installations (I even have one at home). But following McAfee's decision to EOL them we looked at potential alternatives and decided to go with the SonicWALLs. While I've only been working with them for about 6 months, the UTM functions (web filtering, AV, etc...) seem to be pretty good as well.

           

          Hope that helps.

          Phil.

          1 of 1 people found this helpful
          • 2. Re: What is a good replacement for the SG310 UTM which as gone EOL??

            We've gone with Alix based PFSense installs for our SMB clients, maybe even a SuperMicro Dual core atom setup if they need more features.  PPTP works, OpenVPN works, IPSec works.  Once we start getting into more UTM features like proactive scanning and intrusion detection we start recommending Astaro Secure Gateways.  More expensive, but the features are worth it.

            • 3. Re: What is a good replacement for the SG310 UTM which as gone EOL??

              These look a little "roll-your-own" which we have never done with routers. Do you have a specific recommendation for something like what we're trying to do as an SG310 replacement? We loved the SG setup for our field techs because it was so simple and there were not many options to lead them astray. All the newer units are much more difficult to set up.

              Would something like Netgate m1n1wall 2D3/2D13 give us the basic functionality we need:

                   basic internet router for DSL/T1 hookup with basic firewall protection and NAT

                   IPSEC tunnel back to home office

                   PPTP server for inbound VPN connection direct to site

               

              Thanks for your help.

              • 4. Re: What is a good replacement for the SG310 UTM which as gone EOL??

                Jack,

                 

                The Netgate appliance works great for what you want.  PFSense isn't too difficult to learn, and there's a great book out there if you need extra assistance.