Watchguard
-
kind of a silly question…but all thing being equal (hardware and all) if you had to choose between PFsense and the stock configuration (set up the same way you would set up PFsense, stock meaning what ever software came from the manufacture of the firebox) which would you prefer? would you use the stock firebox software or would you use PFsense?
Well depends on how you want to look at it. If you want free, pfSense for sure. The Watchguard software isn't great, but if you are willing to pay for it's license for whatever features you want, it does provide UTM features which pfSense doesn't. I'd pick an open source UTM OS before Watchguard's any day though.
-
I'll throw in my two cents here too. It really does depend on what you're using it for. I'm using it for lab/home network/plaything, PFSense can't be beat for my purposes, and probably a lot of others too as I see a lot of people leaning towards nanobsd and small scale applications.
I've heard a lot of people on these boards using it for business purposes. Admitedly, I haven't seen either perform in a business setting, but I've seen SNORT running on linux platforms in business settings, and I've seen business orgs that wouldn't even entertain the idea of having opensource in their network.
My personal opinion leans towards using the opensource projects and follow it up with an in-house development team for business applications, it sure beats being at the mercy of watchguard for updates, bug fixes, and vulnerability announcements. Then again, I'm a technology purist that doesn't believe in turn-key solutions. If you want it done right, you have to do it yourself. A lot of comanies just can't fit that mentaility into their business model.
If I were to go with a proprietary solutions, it has to gain my trust. I haven't enough experience with watchguard software to know if it's worth my trust, but I have already evaluated other products critically that I'd go to first.
-
If you are going to be bidding on it, then it is defiantly something to watch. If you are doing the buy it now, the prices are around 300. What I don't understand is why there are sellers out there listing the prices 400 + to 700 all the way to a grand. I was happy with the 300, and I also had a paypal voucher which helped, works for me. I did not want to setup another system just to run a firewall, and I wanted something rackable, and I always liked these systems with pfsense on it. The 85 dollar buy it now x1000 was just a plus, if I can run a UTM on it even the better, again I do not want to build a system to do that either.
-
My Plan for this is to get my workstation back. I am running VMWARE and PFSENSE. I really want to get this up and running. I have been using PFSENSE for serveral yars now and m0n0wall before that. I perfer PFSESNE over m0n0wall due to being able to install packages and customize your firewall like you want and need it to be.
I been reading the forum and kinda want to get a rough idea on what, I am in for doing the installation. I like to keep the orginal flash if possible, so I can plan with the watchguard software.
RC
-
My Plan for this is to get my workstation back. I am running VMWARE and PFSENSE. I really want to get this up and running. I have been using PFSENSE for serveral yars now and m0n0wall before that. I perfer PFSESNE over m0n0wall due to being able to install packages and customize your firewall like you want and need it to be.
I been reading the forum and kinda want to get a rough idea on what, I am in for doing the installation. I like to keep the orginal flash if possible, so I can plan with the watchguard software.
RC
Embedded route:
1. Get a new CF/Microdrive
2. Copy the embedded pfSense image over to your CF
3. Switch out the current CF drive with your new one
4. Power on Firebox
5. Connect to com with 9600/8/1/N
6. Configure pfSenseFull Install:
1. Get some sort of new storage media and the correct cables (microdrive, laptop ide cable for a laptop drive, etc)
2. Install pfSense with your new media on a different computer with a cd-rom drive and vga port.
3. Select embedded kernal
4. Remove Watchguard CF drive
5. Connect new storage media
6. If storage media is greater than ~8gb you will need to get a PCI video card and a correct PS/2 keyboard port to connect to the board, go into BIOS and put your drive in CHS mode, and set heads to 2.
7. Power on Firebox
8. Connect to com with 9600/8/1/N
9. Configure pfSense -
In some of my research there is a usb port in the front of the case behind the face plate. Can I use that if there is a USB port?
RC -
The bigger X Peak gear, (x5000, x8000 etc..) have USB ports on them, I've been discussing them in another recent topic here on this board, they don't seem to take bootable drives however, but you probably can use them to collect logs and such, or even an ethernet adapter/WLAN adapter would work in there.
-
In some of my research there is a usb port in the front of the case behind the face plate. Can I use that if there is a USB port?
RCIf I remember correctly while working on my x500,x700,etc core watchguards they don't have the ports soldered on, but the solder points are there and the chips are on the board for USB to work. I'm out of town so I don't have any of mine nearby, but I believe that's the setup on the core gear.
-
It's up and running. I just trying to find the magic combination to get the LCD working. I loaded the LCD package on the nano image and it's not working.
What have I missed, I going to start migrating all my connections to it as soon as I get my lcd working.
I use open vpn and ipsec with 256 meg of ram I know I am going to be limited. What issues might I run into? I have 4 tunnels and I only bring them up and down as I need to provide support.
Any thoughts?
RC -
You can't use the LCD package, you have to install the watchguard specific driver. See the firebox LCD thread.
Steve