Recommendation for a Hardware Firewall

By MJD
in Smart Home, Network & Security

 Share

Recommended Posts

Proficient

MJD

Posted
Posted

Looking for recommendations that for a hardware firewall that can auto-update a IP blacklist from subscription service like iblocklist.com.  Will also accept advice on how to possibly program an update list into a Ubiquiti Edge Router.  Although I would prefer to distribute the firewall tasks to a firewall specific device.  Thanks in advance!

Proficient

MJD

Posted
  • Author
Posted
10 minutes ago, theefool said:

Something like this?  https://community.ui.com/questions/Using-spamhaus-lists/4aa976c1-69eb-4970-85fe-57216c4aebe2

 

Yes, that is very helpful, thank you!  I still would prefer a stand alone firewall, but will implement this if it comes down to it.  Thanks again!

Grand Master

Mindovermaster Global Moderator

Posted
  • Global Moderator
Posted

If you are familiar with PfSense, you can put that on ANY hardware.

 

But, being a small business, you'd need to pay for it.

 

Isn't there some IT people in your business to help?

Grand Master

Jason S. Global Moderator

Posted
  • Global Moderator
Posted

i think an option from Barracuda or Forcepoint might be in your ballpark. Their lower end models should be sufficient. The real money is not in the hardware, but in the subscription services. You'll want to get their automatic update subs and support.

Grand Master

+BudMan MVC

Posted
  • MVC
Posted
On 16/02/2021 at 11:12, Mindovermaster said:

But, being a small business, you'd need to pay for it.

Huh?  This is not true.. You can run pfsense FREE be it you home user or largest of largest Corporations..

 

Even with the new pfsense+ which is geared more towards business.  There is no cost to this as of yet, and if you have a netgate appliance it is included. And they have stated they will at somepoint release this to non netgate hardware.  Free for home/lab use was mentioned.  But no cost structure has been released if you want to run pfsense+ on your own hardware, and are a business..  So not clear how that will work out.

 

But you can always run the FREE community version on any hardware you have or even their own appliances.  For FREE, be it you have 1 or 100 of them.. Be it a some little tiny old work station pc, or a monster of a box that cost you 10K to build..

 

If you do not want to replace your current firewall.. You could always run pfsense on whatever hardware you have around.  Or purchase one of the netgate appliances.  They start at like $180 for the sg1100 model, which may be enough for what your wanting to do?  Then they ramp up to a $3k device..

 

No matter what you run it on, even a VM for example.  The build in alias system allows you to pull a list of IPs from anywhere you want pretty much to use in your firewall rules.  Or you could use the pfblocker package to help manage lists of IPs or domains or even ASNs to block traffic..

 

I would highly recommend taking a look to pfsense for sure - it should be easy to handle what you have described.

 

Where pfsense currently gets money is from the sale of their appliances, and support contracts for enterprise users..  But there is nothing saying you have to get a support contract or pay for a license for software.  Other than their new TNSR software - which is geared to moving lots of packets.. This is for corps needing to do stuff at 10gig plus, etc..

 

edit: example, I currently use pfblocker for some IP based block lists pulling geoip info (maxmind db) and couple public available lists..

example.thumb.png.0181c8e56c9935c1854a8f51f61f13f3.png

 

pfblocker also has a lot of predefined lists you can pick and choose from if you want..

 

feeds.thumb.png.d9dac85174d7b2449fbfdb4078e492b6.png

 

That is just the very top of the list of feeds you can choose from... Listing them all would be a very long image ;)

 

Grand Master

Mindovermaster Global Moderator

Posted
  • Global Moderator
Posted (edited)
35 minutes ago, BudMan said:

Huh?  This is not true.. You can run pfsense FREE be it you home user or largest of largest Corporations..

 

Even with the new pfsense+ which is geared more towards business.  There is no cost to this as of yet, and if you have a netgate appliance it is included. And they have stated they will at somepoint release this to non netgate hardware.  Free for home/lab use was mentioned.  But no cost structure has been released if you want to run pfsense+ on your own hardware, and are a business..  So not clear how that will work out.

 

But you can always run the FREE community version on any hardware you have or even their own appliances.  For FREE, be it you have 1 or 100 of them.. Be it a some little tiny old work station pc, or a monster of a box that cost you 10K to build..

 

If you do not want to replace your current firewall.. You could always run pfsense on whatever hardware you have around.  Or purchase one of the netgate appliances.  They start at like $180 for the sg1100 model, which may be enough for what your wanting to do?  Then they ramp up to a $3k device..

 

No matter what you run it on, even a VM for example.  The build in alias system allows you to pull a list of IPs from anywhere you want pretty much to use in your firewall rules.  Or you could use the pfblocker package to help manage lists of IPs or domains or even ASNs to block traffic..

 

I would highly recommend taking a look to pfsense for sure - it should be easy to handle what you have described.

 

Where pfsense currently gets money is from the sale of their appliances, and support contracts for enterprise users..  But there is nothing saying you have to get a support contract or pay for a license for software.  Other than their new TNSR software - which is geared to moving lots of packets.. This is for corps needing to do stuff at 10gig plus, etc..

 

edit: example, I currently use pfblocker for some IP based block lists pulling geoip info (maxmind db) and couple public available lists..

 

pfblocker also has a lot of predefined lists you can pick and choose from if you want..

 

That is just the very top of the list of feeds you can choose from... Listing them all would be a very long image ;)

 

I thought it was free for home use, but wasn't for small-to-large business use. Guess I was wrong.

 

Anyway, follow what he says. ^

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

^ many a company running pfsense.. All free - unless they get a support contract.  We run a few of their 3100's and a older 2440 in some branch locations.. Other than the cost of the box - there is no other cost.

Grand Master

Mindovermaster Global Moderator

Posted
  • Global Moderator
Posted
1 hour ago, BudMan said:

^ many a company running pfsense.. All free - unless they get a support contract.  We run a few of their 3100's and a older 2440 in some branch locations.. Other than the cost of the box - there is no other cost.

Oh, OK. Support only, got it.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • This Chinese company is reportedly developing a feature Apple and Samsung can only dream of

      By Mateus · Posted

      This is a none story - these low volume Chinese models will always get new experimental features first because Apple and Samsung can't produce them in huge volume to meet demand.
    • Nvidia GeForce NOW gains support for Dark Scrolls, Empulse, and more

      By LoneWolfSL · Posted

      Nvidia GeForce NOW gains support for Dark Scrolls, Empulse, and more by Pulasthi Ariyasinghe The final update of June for Nvidia's cloud gaming service GeForce NOW is now available, and it is touting support for six more games. The company is also drawing subscriber attention towards the summer sales kicking off across stores, so they can stock up on more cloud-supported titles. Of course, the Steam Summer Sale is the biggest promotion, which is kicking off later today. "Supported Steam games can be streamed across devices with GeForce NOW, making it easy to buy a game once, keep progress synced and pick up where the gameplay left off on PCs, Macs, handheld devices, phones, TVs and more," says the company. "In other words, the Steam Summer Sale brings the deals; GeForce NOW adds the flexibility." Don't forget that the GeForce NOW summer sale is still active as well. This limited-time offer drops the 12-month Performance membership from $99.99 to $64.99, saving members $35. At the same time, the 12-month Ultimate membership is currently going for $129.99, dropping the price by $70 from the original $199.99. Here are the games joining GeForce NOW's supported list this week: Dark Scrolls (New release on Steam, available June 22) SAND: Raiders of Sophie (New release on Steam, available June 22) Deer & Boy (New release on Steam, available June 23) EMPULSE (New release on Steam, available June 24) The Adventures of Elliot: The Millennium Tales (Steam) FATAL FURY: City of the Wolves (Steam) With the June expansions coming to an end, Nvidia should be announcing its July GeForce NOW plans next week. Keep in mind that, unlike subscription services like Game Pass or EA Play, a copy of a game must be owned by the GeForce NOW member (or at least have a license via PC Game Pass) to start playing via Nvidia's cloud servers. There is also a limit to how many hours subscribers can use the service per month.
    • Davinci Resolve 21.0.1

      By Copernic · Posted

      Davinci Resolve 21.0.1 by Razvan Serea DaVinci Resolve is the world’s only solution that combines editing, color correction, visual effects, motion graphics and audio post production all in one software tool! Its elegant, modern interface is fast to learn and easy for new users, yet powerful for professionals. DaVinci Resolve lets you work faster and at a higher quality because you don’t have to learn multiple apps or switch software for different tasks. That means you can work with camera original quality images throughout the entire process. It’s like having your own post production studio in a single app! Best of all, by learning DaVinci Resolve, you’re learning how to use the exact same tools used by Hollywood professionals! DaVinci Resolve is the only post production software designed for true collaboration. Multiple editors, assistants, colorists, VFX artists and sound designers can all work on the same project at the same time! Whether you’re an individual artist, or part of a larger collaborative team, it’s easy to see why DaVinci Resolve is the standard for high end post production and is used for finishing more Hollywood feature films, episodic television programing and TV commercials than any other software. Davinci Resolve 21.0.1 release notes: Addressed multiple DNG and Apple ProRAW color issues. Addressed issue with automatic smart bins after deleting keywords. Addressed issue with multiple linked audio in media management. Addressed multiple Resolve FX issues in photo page. Addressed issue with key shortcut to switch viewer in photo page. More consistent creation of new photo albums. Addressed color thumbnail refresh for photo transform indicator. Transcription now honors project settings language. Improved face recognition in IntelliSearch. Addressed exported bins not retaining generator and title properties. Addressed ease control display and sensitivity issues. Addressed keyframe issue when copying clips with Fusion effects. Addressed keyframe refresh for Fusion effects in the edit page. Addressed issue with 3D renders in Linux with non-English locales. Addressed Fusion viewer color issue for some RCM settings. Addressed issue with saturation limits in Fusion gradient controls. Addressed Fusion display issues with dual screen layouts. Addressed issue with non-English character inputs in Linux. Disabling MultiMaster now disables trim blanking controls. Addressed crash in some scenarios with CineFocus. Addressed lag when toggling bypass grades and Fusion effects. Addressed occasional issue with Fairlight loudness meters. Addressed data burn display of good take tag in upgraded projects. Addressed project manager scroll lag for large project libraries. Support for Sony Alpha 7R VI ARW RAW stills. Support for decoding Affinity RGB 16-bit formats. Addressed a color issue with MainConcept H.265 HDR renders. Addressed a color issue with Windows native H.265 HDR renders. RemoveMotionBlur API now uses correct encode parameters. Addressed character limit consistency in GenerateSpeech API. General performance and stability improvements. Download page: Davinci Resolve 21.0.1 | 3300 MB (Free, paid upgrade available) Links: DaVinci Resolve Website | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Win11Debloat 06.24.2026

      By Jaybonaut · Posted

      There are so many of these apps now that do this, what do people recommend?
    • Xbox Insiders get Xbox 360 achievements and Gamertag character upgrades

      By +Eternal Tempest · Posted

      This looks like a nice enhancement.

  • Recent Achievements

    • First Post
      kinowa earned a badge
      First Post
    • Rookie
      krychek57 went up a rank
      Rookie
    • Grand Master
      Jaybonaut went up a rank
      Grand Master
    • One Year In
      Philsl earned a badge
      One Year In
    • Dedicated
      Scoobystu earned a badge
      Dedicated

  • Popular Contributors

    1. 1
      +primortal
      462
    2. 2
      +Edouard
      172
    3. 3
      PsYcHoKiLLa
      136
    4. 4
      Michael Scrip
      78
    5. 5
      Xenon
      77
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!