I just started a new job as an assistant IT person/CAD draftsman at a business that currently has an Instagate 404 firewall appliance. There is fiber coming in to the building and we are supposed to have 3MBps up and 8MBps down. With the Instagate 404 installed we only get around 1.3-3 down, but when bypassed we get the full speed. The IT guy wants to upgrade to the Instagate to the 604 because he thinks the 404 can’t handle all the packet traffic and he thinks the 604 can. First, I’m wondering if the RB1000 would be able to accomplish the same tasks as the Instagate. I’m a self made IT person, and my experience with Mikrotik so far, has been with the RB350. I love the RB350, and have learned a lot while using it. I might be wrong, but I think an RB350 might even be able to handle the job better than the Instagate, but I’m just not sure. Anyone have any experiences with Instagate? I’ve never heard of it until I came here. Here is the link for Instagate: http://www.esoft.com/new_products/utm.cfm
We are currently using terminal server, active directory, exchange, several VPN’s, adding VOIP in the next month or so, and we support several 1-4 PC remote job sites which relocate. The IT guy wants to migrate the settings from the Instagate 404 to the 604. I haven’t looked at the settings in the Instagate, so I’m not sure how much is really in it. We have probably 35 total users on the network including off-site. Our IT guy claims to be Cisco certified but hasn’t provided any proof (i’m not sure that anyone has asked for it either).
I’d like to suggest the RB1000 or even a smaller RB as an alternative.
any routerboard can handle 10mb of internet traffic, thats not much at all. that instagate must have something seriously wrong. maybe its half duplex or something. never used them, never heard of them, but even the cheapest black and blue boxes can handle that much traffic.
According to the specs, the InstaGate 404 can handle 100Mbps of traffic… WAY more than the 8Mbps/3Mbps traffic you’re throwing at it.
However, the number of connections quoted by eSoft seem to be quite low. 8000 connections can be used up very quickly if you have many users running peer-to-peer software (Torrents, eMule, Kazaa, and the like).
Obviously you’re asking on a MikroTik forum, so we will naturally tell you to go for MikroTik, but I would make sure the InstaGate is configured well before dissing it altogether. 8Mbps/3Mbps should be handled by even the simplest of routers.
I have a T1 customer that has used an Instagate firewall for many years. I installed their T1 in 2005 and had to deal with it then. They had already bonded with it and were not willing to give it up. I put a Cisco router in front of it. They have upgraded it at least once. I believe the cost is about $2K and maintenance is about $500 a year.
It’s a Linux based single board computer with a PCI slot for interface add ons. It has a GUI interface and is easy to admin. The biggest benefit to them has been the support and maintenance contract. They call esoft all the time for support.
From my point of view it is overpriced and slow but their customer support and hand-holding is excellent.
A RouterBoard could easily replace it at a fraction of the cost. I haven’t tried to talk them out of it because they are happy with it. The timing is not right. Also, I would have to come up with a support plan for them. Maybe I’ll try that in the future.
The biggest obstacle that you will have to overcome is the warm fuzzy feeling that your IT guy has because he can call esoft at any time and they can make him look good.
Thanks everyone. It’s definitely the fuzzy feeling they get, even though they already ran out of support. He wants the new upgraded one with included support. I’m not so sure he even wants to stay with the company very long, and I’d rather not deal with the Instagate if he leaves. I would feel limited after dealing with the RB’s. I will try and see how many connections are running and check the config. I’m not 100% sure about this IT guy anyway.
Both of them are about the same problem, discovered the first time 6 weeks ago. Simple problem, inprinciple, simple to demonstrate, or even to reproduce.
But actual state is, that I even do not know, whether MT is doing something on it or not. The flow of information is very slow, instead of telling me, the customer, yes, we acknowledge the problem, we are doing this and that, I have to ask, are you really doing anything ?
This bad expirience with the support is not my first encounter with them.