I have a large project that I am trying to put together for my job, and I have worked the basics out: what devices to use at each site, etc. To give you a quick rundown, I have ten sites in total, all connected in a ring topology that links back to a central site. At that site (the bunker) our content filter, firewall (FortiGate) and a switch handle all the ingress and egress traffic from each site. So, I have one big LAN network with each site in its own set of subnets. My firewall is going EOL this year and, due to budget cuts, I have to come up with a more affordable way to maintain my network. Now that UniFi is getting into enterprise-level gear, it is starting to look like a viable option. My question now comes down to the firewall. Do you think I could replace my old FortiGate unit with an EFG from Ubiquiti? Is that a feasible thought?
I wouldn’t need that; our content filtering handles all endpoint filtering. Our firewall really isn’t doing much other than some port forwarding and VPN to Azure and a couple of other places. From what I am seeing, we would at least gain IPS that would not be a charge unless we wanted to pay for the upgraded services. With FortiGate you have to pay for it. Wouldn’t something be better than nothing?
My next issue is NAT overload. I have a /24 public IP range, and I force each site out its own public IP. I am trying to figure out the best way, or if it is possible, to do that with UniFi. Is it a possibility? Thank you for all the help.