Do you have a preferred vendor for your network gear?
I’ll go first:
- Firewalls: Fortinet, ASA, Palo Alto
- Route/Switch: Cisco, HPE/Aruba
- Wireless: Aruba, Cisco, Meraki
- Auth: NPS, ISE, ClearPass
- Monitoring: SolarWinds, Auvik, PRTG
- Automation: Ansible
- SDWAN: PA Prisma SDWAN, Fortinet, Velocloud
Fortinet
ONE DAY after we bought one it turns out [https://www.bleepingcomputer.com/news/security/fortinet-fixes-critical-rce-flaw-in-fortigate-ssl-vpn-devices-patch-now/amp/](they were being pwned and Fortinet is being a weasel in their security communications)
I blame myself. I knew old ones were being pwned but this just feels bad. Life goes on but ugh
Juniper for R/S, Palo for firewalls. At home I use pfsense and UniFi APs and in that environment they’re great.
Ha! At home I run a Ubiquiti stack with my lab hung off it (switches, ASA, FortiGate).
I got a lot of exposure to MikroTik’s route/switch devices when I worked at a WISP and really came to love them.
Wireless: Aruba, Cisco, Meraki
I know what you meant when you said “Wireless”, but I’m going to go with Siklu for their Kilo EtherHaul 70/80GHz radios that can no shit do 10Gbps links up to like 10 miles in ideal conditions.
Personally I love Fortis for firewalls and SDWAN, Huawei for routing, switching and WLAN. Clearpas for Auth. I do not have a lot of experience in different Monitoring softwares but am quite used to solarwinds.
Depends on the load, budget for capex and opex, and what the network will be running :)
I liked HP procurve before the Aruba firmware was introduced. For wireless, I used to like Ruckus 5 years ago. Cannot stand the move to cloud management that all the WAP vendors seem to require.
For auth, the click verify of duo is pretty nice if the security of a physical OTP device isn’t needed.
For firewalls… ASA if NSA isn’t in the threat profile.