Firewall Options 2025

Hi Team, what firewalls are the most popular with the kids these days? I have experience at home with UniFi - Dream Machine, pfSense - Netgate 4100, FortiGate - 40F, Untangle - Virtually, Sophos - Virtually.

Am partial to giving Meraki a run at the moment, my Fortigate License is about to expire and I will not renew it. I bought the Fortigate to learn the platform and it’s quite impressive.

Not interested in UniFi these days, it’s improved immensely but it’s not for me. OPNsense is also off the table, it’s also not for me.

Thanks!

Happy pfSense Plus user here.

Yes, you need a managed switch in any setup where you want to use VLANs. But honestly, not having VLANs is a huge mistake in a home lab in my opinion.

You can consider VyOS and Sophos Home.

I would look at Palo Alto next if you are looking for a meaningful platform to learn.

A sort of coworker uses a lot of Meraki stuff with VPNs all over the world, he works in entertainment where they are sending audio and video anywhere it is wanted. Festivals are one of their bigger recurring jobs. Sorry, I can’t remember the model number they are using, does AX or MX make sense?

He said the biggest thing is that all they need to do is put them on the LAN/WAN and tell the controller to make a link, and bam! Secure VPN link to other sites. He said they use LTE/5G, Starlink, terrestrial ISP, multiples of all of them, etc. when on site. Dual 40 Gbps (LAG) is a common backbone between sites (stages). It’s a mix of Dante, NDI, SRT, SMPTE ST2110, MADI, AES67 and control signals. Multicast, unicast, routed versions of both, lighting controls in a couple different IP flavors…

You don’t need to like Cisco, but some of their products make doing work a lot easier when you buy the right level of software and support.

Mikrotik RouterOS? I think they have a version that can run on x86 computers. Pretty obscure, but if you just want something to play with, might be fun.

Edit: link to the software MikroTik Routers and Wireless - Software

Edit 2, RouterOS only runs for 24 hours in demo mode, you’d need to buy a key for any real testing on a PC. The free registered level might be enough, but guessing $45 will be needed for any real testing. RouterOS license keys - RouterOS - MikroTik Documentation

At this price, buying a cheap device that runs RouterOS might be a better way.

Depending on use case and needs, the Meraki “Go” line is pretty decent if you want it to just work, but it doesn’t have the more advanced features. I also have a Fortigate 40F at home, for the same reasons, just wanted to learn it. Using Sophos XGS3100s at work right now and have had a mostly good experience with them.

More of our clients are requesting UniFi. Generally, we go with what they are after, we can talk to them about options, but it’s their money. One of the things that matters is that UniFi’s overall support has been very good and their latest updates are very solid. I would say that while it gets dismissed sometimes, the entire ecosphere does a very good job in latest versions, and the DMP etc. really solves most SMB setups in our testing. At the price/performance point, it’s worth following.

UniFi/Synology for entry-level users/customers, everyone else it’s OPNsense these days - hated the OPNsense GUI at the beginning because I was so used to pfSense’s GUI

But after several weeks I actually prefer the OPNsense GUI now, and on the few pfSenses I still have running I find the GUI dated now! Also the Tailscale addon in OPNsense is solid, unlike the semi-abandoned addon in pfSense

Bottom line… you can teach an old dog new tricks 🙂

PS Been trying out the Grandstream GCC6011 for a few weeks now, what you get for the price is unbelievable/crazy (even got a built-in PBX!) … so far working quite well as a trial with a small customer, actually thinking it’s a viable cheaper alternative to UniFi… time will tell

As another commenter pointed out, OPNsense is a great option. I run it on my home network and have had excellent results.