Firewall suggestions

NSA2400 EOL. Not sure about going to a 2600. Willing to switch to another vendor. Just looking for suggestions and inout based on experience from the crowd here


  • How much bandwidth do you have on your ISP’s?
  • How many users do you have on your secure network/guest wifi?
  • Future growth plans for next 3-5 years?

We recently did a “trade-up” (or whatever they call it) to a TZ600 from our NSA2400. It was MUCH cheaper than the NSA2600, but still does more than the 2400, so that was the recommendation from MBS (our IT consultants). The swap went great, and we’re running without a hitch. We’re not a “huge” church, so this may not totally apply, but it was the right move for us. We saved a TON of money doing the hardware upgrade with a 3 year service agreement vs. just updating our license (which is what we have traditionally done every year). We also upgraded a TZ215 to a TZ300, and will do the same with our other 2 TZ215s at our other 2 locations. We will save roughly $8,000(!!!) over the next 3 years going this route vs. just updating licenses yearly.
It also makes a big difference who you actually purchase through. I was able to get the best deal through MBS’s Dell rep vs. our direct rep or through CCB (which is generally who we purchase software through in order to get the best “non-profit” rate).

Oh, I forgot to add, we have around 1,000 people at 3 campuses, and our main location generally has a max of around 500 people potentially using the network (wireless/wired) at any given time. We have 3 SonicPoint NDRs, and 4 SonicPoint Nis “fed” by the TZ600 and around 40-45 hardwired devices.

Personally, I’m a fan of Cisco’s ASA line of firewalls.

I’ll ditto the Cisco ASA line. Upgrading to the ASA 5525-X with FirePOWER & IPS, Apps & AMP subscriptions, this year from an EOL 5510.