Pfsense network placement / hardware recommendation
-
I am evaluating pfsense and Untangle (http://www.untangle.com) platforms, as well as a Juniper SSG 140 for our network. Currently we have a Cisco Pix 515 as the only firewall. We have a Cisco Layer 3 switch as our router (which connects to the Pix 515 and the fiber junction box).
Our connectivity into the building is Gigabit fiber.
My wants and needs:
-Powerful (fast) and reliable firewall at the Perimeter (best at wirespeed).
-Use a second strong and capable firewall to separate the DMZ from the internal network (DMZ sandwich).
-Keep things affordable, I'm not spending $5k-$10k on a wirespeed firewall. I am in public education, so budgets can be tight. But I can purchase the Juniper with erate funds (meaning I only pay about 30% of the cost).Ideally I would like an IDS/IPS, virus scanner (web/email), and content filter with either firewall or a separate box (has to meet the above 3 criteria).