Buy or not a SG-8860?
-
I know the equipment is used but is working. But, It is complicated to know if he has already been repaired. In fact my first concern is if the equipment meets my needs, because if it doesn't, I don't see any other option than to "mount a PFSense Box" (buy a board, CPU, memory, etc.). Because the value of importing an XG-7100 far exceeds my budget!
-
@stephenw10 Tks! Steve. This is a good intel!
-
@marcelovvm It seems that you'll be the new owner of an SG-8860...congrats! After purchase if your leftover budget can allow a support contract, I would take it.
-
@NollipfSense I haven't bought it yet, because I'm in doubt if the hardware will be able to support my needs. But for sure if you have a budget left, Netgate support will always be of great value! tks!
-
8860 could for sure handle the amount of traffic you have described.. 150mbps of traffic - don't even think it would break a sweat ;)
What exactly are you planning on doing with IPS/IDS? To be honest with the amount of https actual useful anything with it is becoming more difficult... I would think you might have use for it with traffic to your servers behind, but you would really need to do the offloading of the SSL, and then traffic through IPS... Kind of hard for IPS to find signatures of bad traffic if all it can see is the outer encrypted shell of https.
-
@johnpoz I agree ... in the past we tried to implement IPS, in a simple way
, and found that 70% of our traffic was https and therefore could not be analyzed (and even blocked). So we started with an endpoint solution (Sophos) that can analyze / block https traffic. And this is how we control outgoing traffic. -
Ok then you don't even have the extra overhead of running ips on your firewall.. So for your amount of traffic and other minor requirements.. A 3100 would be more than enough, a 5100 would be a rocketship.
-
@johnpoz Hi John... but the target device I'm looking to buy is the SG-8860-1U... not the SG-3100... even this one, the 3100, is very expensive in Brazil ... twice the SG-8860-1U.
-
@marcelovvm I think he was telling that as comparison in handling...don't delay...grab that SG-8860 now!
-
^ exactly! ;) if you found a 8860 at a price point you are happy with - snag it! ;)
its prob overkill to be honest, but if your happy with the price..
I have a 4860 on my home network - it is for sure way more than what is required.. But go big or go home works for me ;)
