[REQUEST] Router or UTM Help

JoelM

Hi All,
I have a client who is looking at switching internet providers. The current provider includes a hosted firewall so I have not had to worry about that.
The provider they are considering switching to will not offer firewall services. This is a real estate agency with up to 65 agents at one location and 5 at a second location. There will NOT be a VPN between the locations.
All my other clients of this size are using the internet provider who takes care of their firewall with the hosted firewall solution included in their price.
My question is I have never used, set up or even played with a UTM. I need some help with a client of this size to recommend a good router or UTM to handle the network and not cause any bottlenecks at a reasonable price.
I see Untangle mentioned in a few threads so have browsed their site. I have no experience with command line programming on Cisco units so any unit like that would be out.
With real estate many of you are aware that agents are independent so the office has no overall control of the individual machines as you would have in a normal business. They can recommend and suggest but not control machines.
I need something that is robust & will provide reasonable protection that I can figure out at a reasonable price. The internet at the larger location will be fiber with 100MB download speed.
Thanks
Joel
 
Untangle is our preferred UTM. We usually push/recommend a UTM first to our clients. But we realize many of our clients don't have the budget for a UTM...higher initial cost, and an ongoing subscription.

So for our clients that don't want a UTM, we use Ubiquiti...which is REALLY nice when you use Ubiquiti Unifi products as the whole technology ...gateway, switch, access points...as the Unifi controller product is great.

If you need help with either, I'm happy to help. If you want to see what Untangle is about..I'm happy to help, we're well versed with Untangle...been a reseller since Untangle was at version 5.

Sophos is another very good UTM....great product. I've played with it and even signed up with Sophos as a reseller a few years ago...but, we stuck with Untangle...larger profit margins and I like the community and product.
 
So for our clients that don't want a UTM, we use Ubiquiti...which is REALLY nice when you use Ubiquiti Unifi products as the whole technology ...gateway, switch, access points...as the Unifi controller product is great.


We currently do have 4 Ubiquiti APs in the building. The controller is running on one of the machines in the building although we have been thinking of trying to switch it to the cloud key to see how it works.
Switches will be provided by the internet provider as part of the cost of the package so I will not be changing those.
Which gateway would you recommend and what are the advantages/disadvantages of each so I can propose it to the client.
Thanks so much.
 
Which gateway would you recommend and what are the advantages/disadvantages of each so I can propose it to the client.
Thanks so much.

In comparing the USG vs USG Pro...I look at the total number of expected users, and the possibility of needing multiple internal networks. The USG...I try to use for networks of 75 users or less. I believe it's spec'd for 200 max. For larger networks..the USG pro has more horsepower, and of course..additional ethernet interfaces allows you to build out more complex networks..separate networks..and stick stuff like guest VLANs on a different Eth interface for better performance instead of having VLANs share a single LAN interface.

When you have an entire Ubiquiti based technology stack for a network (gateway, switch, access points)..the Unifi controller makes it really nice and easy to setup/manage them all from the Unifi.ubnt.com portal. It's multi-tenant..so you log into that portal and manage all of your Ubiquiti based clients. GREAT MSP tool.
 
I like Untangle, so +1 for that. However, it's not without pitfalls. Much like other UTMs (excluding pfSense) you're gonna have to buy it. Which is not the issue. The issue is with the apps. Many apps have a monthly cost. So the cost can get quite expensive. Some apps are free, but heavily watered down versions of the paid counterpart.

I have used pfSense for about 2 years now and it does everything I need it to do. I put it on this: https://goo.gl/1hWcFz

I am very happy with it. You can also use this as well if you don't have a rack.
 
I like Untangle, so +1 for that. However, it's not without pitfalls. Much like other UTMs (excluding pfSense) you're gonna have to buy it.

I don't consider PFSense a UTM (you can add modules to almost sorta make it a UTM)...but Untangle does have a Lite (free) version which does include some true UTM features...and I find it to be better protection for small biz's than PFSense. However PFSense is better at VPNs than the free version of Untangle, since the freebie of Untangle only includes OpenVPN for the VPN module...and for sites to sites..while insanely easy to setup, it has performance hits compared to IPSec or SSL, and since it employs NAT...any VoIP phones through the tunnel hate it. Paid versions of Untangle get IPSec VPN.
 
We use NexGen Appliances for our hardware platform for Untangle. I'd look at the NG-100 appliance.
https://nexgenappliances.com/40-ng-firewall-hardware
For a network your size the 4 gigs of RAM it defaults with should be OK, for larger like 100 or more...I like to go to 8 gigs.

If they're claiming budget restraint...I would consider the NG-50 so long as you spec it with 4 gigs of RAM, if they were not doing any e-mail SPAM filtering through Untangle or looking for regular reporting. Since they're a real estate broker office probably part of a bigger chain that does filtering up at corp HQ, or...like most smaller real estate offices...probably uses GMail. So the NG-fitty with 4 gigs on SSD may work OK. Would want to see what bandwidth they had....(SkyKnight can chime in more here)

I always do SSDs on the appliances for firewalls. Higher grade ones meant for long life of writes/rewrites.

I don't really "cherry pick" modules in Untangle. We push the "Firewall Complete" package....or for our many non-profit clients..use the non-profit bundle.
 
@YeOldeStonecat
Can I ask why you use NexGen instead of the Untangle appliance? The price is very similar.

You sure can.
Way back in the early days of Untangle (going back to version 5....around...12 or more years ago I guess)...Untangle was selling hardware. And then they got out of the hardware game. We tried a bunch of other hardware vendors, and found Rob and Jim in the Untangle forums..and their own hardware that they custom build for Untangle. Back then they were called UntangleAppliances. We started using them..and have had a great experience with them. Good support.

A few years ago..Untangle started offering hardware platforms again. Initially..their pricing for resellers was...unfavorable for resellers. We were getting used to very good margins on the software licenses..and for some reason you could only bundle a license with hardware...but at piss poor margins. Soooo....I stuck with NexGen...getting their hardware, and getting licenses from Untangle at our very high margins (we've been Star Partners for a long time).

I just haven't had a reason to go with Untangle's own hardware...happy with NexGen.
 