Recommend Business Networking Router - UTM - Firewall Device for TPG Fiber 1000 connection

Hello

I would like a recommendation for a Firewall device for small business with requirement of continuous IPSEC Tunnels between three sites.

Current Setup
Cyberoam CR25iNG (Device Only) - No support or security subscription from Cyberoam
Internet Connection : 10/10 mbps
Cisco Umbrella Enterprise subscription for security at the router level

Future Setup

Router: ?????? Please recommend (Prefer Sophos XG as it is easier to migrate) Too confusing with numbers when comparing models
Internet Connection : TPG 1000 mbps Fibre
Security: Do you guys recommend UTM + Support 36 months subscription or separate security with appliance purchase only

Need protection for ransomware as I need confidential medical data protected.

Apologies if some of the terms are incorrect as I am not completely knowledgable in certain networking terms.

Comments

  • Ultimately it comes down to your budget, what you know and how much you're willing to outsource.

    If you want something that's relatively easy to install and is pretty much "ready to go" (as much as enterprise networking gear can be), then I'd go for a Ubiquiti UniFi setup. It's not in the same league as a Cisco or Meraki setup, but for a small business it's completely fine. I'd pick up a USG-Pro-4 for the routing. An alternative would be to get the EdgeSwitch Pro, which is a more enterprise class product, but you'll need to know how to operate it.

    My own personal setup in my home office uses a pfSense box, which I'm more than happy with. More customisation than a UniFi setup and it's fairly straightforward to setup and use, but the power is definitely there if you need it. I've just used an old Dell Optiplex, this will route at Gigabit no problem.

  • Firewalls4Now is quoting me $4500 for XG210 woth 36 months support which is ridiculous amount of money.
    The cyberoam device costed me around $800 new at one site and $250 second hand at other site. Set up outsourced though a networking expert paid by the hour as per need.
    I do pay $1000/year for Cisco umbrella protection across all sites.

    Now, do i need xg210? Will a lower model be sufficient keeping in mind the 1000 mbps fibre connection? The numbers when comparing models is foreign language to me.

    • How many clients do you have?

      • 3 sites
        10 employees per site
        2 ipsec vpn tunnels site to site
        Extensive data transfer back and forth through the tunnels
        Unrelated but Significant cost for me are the servers plus storage which is $150000 per site

        • That's not too bad actually. Have a look at the Ubiquiti EdgeRouter Infinity - it's around $2400 for the router which is more than enough for what you want to do. You could probably even get away with the EdgeRouter which is around $400 or so, but given the heavy VPN traffic, I'd go with the Infinity. I'd have a separate VPN server as opposed to letting the router handle it.

  • +2

    I'd recommend the Unifi Dream Machine Pro (basically a security gateway, managed switch + cloud key 2 combined into 1). It should cover all your networking needs for ~$700 really. You do need 1 or more APs, preferably Unifi of course. In terms of security, it has firewall with vpn, DPI, 3.5Gbps IDS/IPS. I've never set up business network so no idea how serious you are taking security but I imagine you may want 3rd party UTM.

  • Ubiquiti Unifi Dream Machine Pro Security Gateway
    https://www.pccasegear.com/products/49293/ubiquiti-unifi-dreā€¦

Login or Join to leave a comment