Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | [2] | 3 | 4 | 5 | (show all)   Print Thread
Standard User Michael_Chare
(fountain of knowledge) Wed 10-Oct-18 23:22:41
Print Post

Re: Network security devices


[re: Rolandrat] [link to this post]
 
In reply to a post by Rolandrat:
Untangle or Pfsense in bridge mode should do what you want, there are many free or home license versions of UTM's available.
You would need the hardware to install them on which Amazon sell many multi network mini pc type boxes, some even have pfsense already installed.

I note you have gigaclear, if thats the full fat 1Gb connection, the choice of hardware will be important as with all the feature turned on that 1Gb could end up at a tenth of that after all the inspection has been done. Check out their forums for advice.
I use untangle which costs $50 a year for home license as I found it easier to understand.
Your point about speed is a good one. I have the original Gigaclear service which does allow me to drive the line at the max almost 1Gb rate, though there is contention. It has dawned on me that the speeds that Watchguard quote are overall throughput speeds if multiple ports are used.

Michael Chare
Standard User caffn8me
(eat-sleep-adslguide) Thu 11-Oct-18 00:39:18
Print Post

Re: Network security devices


[re: Michael_Chare] [link to this post]
 
If you're just using two ports, the throughput will be either the maximum speed of the port (gigabit) or the stated throughput if lower. You only need to consider multiple ports if the quoted throughput exceeds 1Gbps.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User Michael_Chare
(fountain of knowledge) Thu 11-Oct-18 10:20:54
Print Post

Re: Network security devices


[re: caffn8me] [link to this post]
 
In reply to a post by caffn8me:
If you're just using two ports, the throughput will be either the maximum speed of the port (gigabit) or the stated throughput if lower. You only need to consider multiple ports if the quoted throughput exceeds 1Gbps.
It was this that made me think what I wrote. The XTM 330 is shown as having a higher throughput than the XTM 33 but maybe because it has more ports.

Michael Chare


Register (or login) on our website and you will not see this ad.

Standard User caffn8me
(eat-sleep-adslguide) Thu 11-Oct-18 13:36:30
Print Post

Re: Network security devices


[re: Michael_Chare] [link to this post]
 
The XTM 33 has a slower processor and half the memory of the XTM 330. It also doesn't usually have a cooling fan, which the XTM 330 does. They're really quite different beasts designed for different deployment scenarios (branch office vs head office) even though they are both referred to as the XTM 3 series. The XTM 33 will hit 850Mbps between one port and another (this does vary with packet size and protocol) so the processor is the limiting factor. With the XTM 330, the gigabit port speed is the limiting factor.

You can see a direct comparison at https://www.watchguard.com/wgrd-products/appliances-...

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs

Edited by caffn8me (Thu 11-Oct-18 13:39:33)

Standard User Michael_Chare
(fountain of knowledge) Thu 11-Oct-18 14:53:10
Print Post

Re: Network security devices


[re: caffn8me] [link to this post]
 
Thank you for your help. The XTM33 would be a more convenient size!

Michael Chare
Standard User caffn8me
(eat-sleep-adslguide) Thu 11-Oct-18 21:25:49
Print Post

Re: Network security devices


[re: Michael_Chare] [link to this post]
 
Yes, and it's most likely without a fan - although the XTM 33 hardware guide states that some versions do have a fan. It doesn't state which ones. It's not likely to be anywhere near as obtrusive as the fan on the XTM 330.

It would limit throughput on your 1Gbps connection, but how often can you actually download at 1Gbps?

The XTM 33 is no longer sold but it's still possible to obtain full support, at a price, until 1st July 2021 so it's not considered prehistoric.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs

Edited by caffn8me (Thu 11-Oct-18 21:35:13)

Standard User TrevorSP
(knowledge is power) Sun 14-Oct-18 15:50:49
Print Post

Re: Network security devices


[re: camieabz] [link to this post]
 
I love your humour!

Regards,
Trevor

Signature to be updated shortly, been away for a long time LOL!!! Not what most of you are thinking or guessing either!! Twas ill health!
Standard User Gerbil
(newbie) Sat 27-Oct-18 11:46:37
Print Post

Re: Network security devices


[re: Michael_Chare] [link to this post]
 
In reply to a post by Michael_Chare:
In reply to a post by Rolandrat:
Untangle or Pfsense in bridge mode should do what you want, there are many free or home license versions of UTM's available.
You would need the hardware to install them on which Amazon sell many multi network mini pc type boxes, some even have pfsense already installed.

I note you have gigaclear, if thats the full fat 1Gb connection, the choice of hardware will be important as with all the feature turned on that 1Gb could end up at a tenth of that after all the inspection has been done. Check out their forums for advice.
I use untangle which costs $50 a year for home license as I found it easier to understand.
Your point about speed is a good one. I have the original Gigaclear service which does allow me to drive the line at the max almost 1Gb rate, though there is contention. It has dawned on me that the speeds that Watchguard quote are overall throughput speeds if multiple ports are used.


I'm unclear whether you have the Gigaclear residential or business service, but if it is the residential service then be aware that Gigaclear are now finally offering bridge mode on their residential service for £5 extra a month. It was previously only available on their business service, but they seem to have slipped out a web site update earlier this month without any fanfare and it can now be ordered via their portal. That would remove one layer of NATing and potentially make the configuration of any device you then put between your LAN and their supplied router a lot simpler.
Standard User Michael_Chare
(fountain of knowledge) Sat 27-Oct-18 19:43:37
Print Post

Re: Network security devices


[re: Gerbil] [link to this post]
 
In reply to a post by Gerbil:
I'm unclear whether you have the Gigaclear residential or business service, but if it is the residential service then be aware that Gigaclear are now finally offering bridge mode on their residential service for £5 extra a month. It was previously only available on their business service, but they seem to have slipped out a web site update earlier this month without any fanfare and it can now be ordered via their portal. That would remove one layer of NATing and potentially make the configuration of any device you then put between your LAN and their supplied router a lot simpler.

That is interesting. I have the residential service. Today, before I read your post, I happened to raise a Gigaclear online query to ask if bridge mode was possible. The router I have is the DRGOS Tundra. I have been wondering about a Pfsense box. The challenge is to find a suitable box that is powerful enough not to delay packets and not to expensive.

Michael Chare
Standard User Michael_Chare
(fountain of knowledge) Tue 30-Oct-18 11:53:44
Print Post

Re: Network security devices


[re: Gerbil] [link to this post]
 
In reply to a post by Gerbil:
I'm unclear whether you have the Gigaclear residential or business service, but if it is the residential service then be aware that Gigaclear are now finally offering bridge mode on their residential service for £5 extra a month. It was previously only available on their business service, but they seem to have slipped out a web site update earlier this month without any fanfare and it can now be ordered via their portal. That would remove one layer of NATing and potentially make the configuration of any device you then put between your LAN and their supplied router a lot simpler.

Well after a couple of messages I have now learnt that bridge mode will be available to residential customers free of charge! This is good news the connection will just use DHCP and I am now wondering about a PFsense box. Gigaclear have added my name to a list of customers who will be told when the service is available. The details are in an email from Gigaclear which I could forward (PM) to you if you want.

Michael Chare
Pages in this thread: 1 | [2] | 3 | 4 | 5 | (show all)   Print Thread

Jump to