pull down to refresh
This might be the lowest cost that would for me from these guys at least.
Buying old cisco devices can be a pain to get the newest patched firmware. Cisco will gate this behind subscriptions and maintenance contracts.
I'm not familiar with the Protectli kit, but it does look decent hardware for a good price, with no software vendor lock in. I'd probably go the i7 core over the i3, and run several instances in a hypervisor, maybe up the ram.
Good to know. I'm not a network guy but I dabble. Why run several instances?
Hypervisor on the metal vs running an network/firewall os on metal (pf/opn/openwrt/etc):
- isolate/compartmentalize functionality within a VM (eg: run IDS and routing in a different instance context)
- rip out and replace the core firewall / routing functionality (dont like pf, switch to opn VM, etc).
- VM images can are portable between devices + easier maintenance and upgrades
disadvantages:
- performance hit due to virtualization
Very helpful. Thanks.
Id add that https://vyos.io/ is another open source alternative Firewall OS that implements the cisco configuration language, if that's your thing.
I tend to prefer Linux firewalls over BSD based, but that's generally a preference in features over simplicity.
A hypervisor lets you try them all with as minimal effort in swapping them out.
Is there a good alternative switch manufacturer besides Cisco that doesn't have these subscription / licensing issues but also can be found used on eBay?
I've actually had a few of their routers. Still have some for travel. They're great. I recommend them to friends and family.
The 10g thing is the requirement that might drive up my costs. I might need to build my own from a 1 liter PC to save some money. Its always time vs. money.
Yeah... The issue is the network side and I don't want a laptop form factor. I have a server rack this will go into. My setup is super over-kill.
deleted by author