Pfsense network placement / hardware recommendation



  • I am evaluating pfsense and Untangle (http://www.untangle.com) platforms, as well as a Juniper SSG 140 for our network. Currently we have a Cisco Pix 515 as the only firewall. We have a Cisco Layer 3 switch as our router (which connects to the Pix 515 and the fiber junction box).

    Our connectivity into the building is Gigabit fiber.

    My wants and needs:

    -Powerful (fast) and reliable firewall at the Perimeter (best at wirespeed).
    -Use a second strong and capable firewall to separate the DMZ from the internal network (DMZ sandwich).
    -Keep things affordable, I'm not spending $5k-$10k on a wirespeed firewall. I am in public education, so budgets can be tight. But I can purchase the Juniper with erate funds (meaning I only pay about 30% of the cost).

    Ideally I would like an IDS/IPS, virus scanner (web/email), and content filter with either firewall or a separate box (has to meet the above 3 criteria).


Locked