Cisco Catalyst SD-WAN gives users the ability to manage connectivity across their WAN from a single dashboard that simplifies day to day monitoring and operations. Cisco Catalyst SD-WAN can be cloud-managed or deployed on premise offering comprehensive routing, security and policy control, along with advanced analytics with the flexibility to connect to multiple clouds with greater speed, reliability, and efficiency. According to the vendor, it can be deployed across a small number of…
N/A
pfSense
Score 9.2 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
It is a flexible tool for managing and optimizing WAN connections, but it does require some technical expertise to manage. It excels in its ability to integrate multiple WANs. It will however be a not-so-useful purchase if your company has few locations as it will be more expensive and complex for nothing.
Because pfSense is built around open source software, it is very convenient to be able to deploy in the event of hardware failure. We once had a client with a proprietary router that failed. While the router was under warranty, the expected time for the new router to arrive was about 2 weeks. We decided to implement pfSense for the client as a stop gap and ultimately ended up deploying the full enterprise appliance. Being able to get up and running using commodity hardware was a huge win for the client. We've also had a great amount of success deploying pfSense hardware at apartment complexes. The DNS resolver works great and we've had no issues handling multiple VLANs with various DHCP scopes on it. Finally, we've had clients that require having a failover cluster. Utilizing the built in CARP capabilities, we've been able to provide a very robust failover system that requires little maintenance and no downtime in the event of equipment failure.
Easy to use. Good user interface design! Easy to understand and easy to set up.
Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
It does appear to be a little glitchy when you go from template mode to CLI mode and try to do testing on certain areas. The configuration tends to get hung in that old session when you drop it from being controlled by the controller to making changes in CLI. I've had a lot of instances where you try to put it back into controller mode for review management and it holds on to your items you've had in CLI mode , it gets a little confused at which config it needs to use. You end up having to reset the whole number environment.
I did kind of mention a Con in the Pro section with OpenVPN.
When I create a config for an employee other employees are able to login to that config.
I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
Al ser soluciones integradas del portafolio de soluciones de Cisco, el soporte es transversal a cada uno de los componentes implementados, teniendo el cliente la capacidad de resolver sus inconvenientes bajo una misma infraestructura que está totalmente homologada, satisfacciendo de esta manera, las necesidades del cliente asi como permitiendo, que este se concentre en su negocio. Since the Cisco SD-WAN tools are a part of Cisco’s broader portfolio of solutions, support cross-cuts to each of our deployed components, with our company as the customer having the ability to solve our problems through the same, approved infrastructure. Their support team easily satisfies the customer’s needs so that they continue to focus on business functions.
The proof-of-concept setup that was done at a client site did provided a greater positive impression by Cisco Catalyst SD-WAN than Fortinet Secure SD-WAN for sure. It makes sense to use Cisco Catalyst SD-WAN while the major client is a Cisco house where more than 95% of network equipment used at their global networks are Cisco's.
While you can get the performance out of other products, pfSense offers the unique ability to put other services on the same device. Products such as Untagle's NG Firewall and SonicWall's TZ series offer cost effective options for firewall and VPN services, having incoming load balancing and connection proxies on the same device as the firewall offers extremely easy configuration and day to day management of network services
It's definitely decreased the amount that we spend on really expensive circuits every year. We're moving to cheaper broadband circuits with much higher throughput, being able to leverage those and still get the performance that we want, the quality of service that we want.
Using pfSense has allowed us to build a professional network in our small office without needing a lot of proprietary hardware, saving thousands of dollars in IT infrastructure investment.
The cost for using pfSense is free, so it's a great option for those who don't have a large IT budget
pfSense utilizes all of the industry standard services to provide all of it's functionality, so support for service-level issues is readily available
Because of how much work has been put into pfSense to make it rock solid and reliable, we're able to support our network with minimal IT staffing, saving us thousands of dollars/year in personnel alone.
