Using a Watchguard Firebox SOHO for Branch Office VPNing?

["Matt Bruce" <matt.bruce () alphawest com au>]

Hi all,

Ok, here's risk of starting a religious debate. My queries are
vendor-specific:

I am quite intrigued about using a Watchguard Firebox SOHO to replace a
Linux firewall at a remote site for a client of ours. We are redesigning the
client's global internetworking infrastructure and believe Watchguard will
be the perfect fit for the client's requirements. We'd considered Firewall-1
for this client, but cost has won the day.

The client has a main site needing to provide access to around 100 Remote
User VPN users, so the Firebox-II Plus seems great there. We expect only
PPTP RUVPN usage.

One of the client's remote sites has around 15 users running from a vanilla
Linux firewall (ipfwadm or ipchains) set up by one of the guys there. We're
looking at a suitable Watchguard product to replace it, and to provide
Branch Office (firewall-to-firewall) VPN to the main site.

My query is, as I've no practical experience with the SOHO and am unwilling
to completely rely upon Watchguard's marketting material, what is the
general opinion regarding the use of the Firebox SOHO in such a manner? Any
pitfalls I should be aware of?

Anyone have any opinions on the Watchguard Firebox Telecommuter?

Regards,

Matt Bruce     <matt.bruce () alphawest com au>
Security & Internet Engineer
AlphaWest - http://www.alphawest.com.au/
"Illegitimus non carborundum est." :)