At the risk of stating the obvious, all routers are software running on hardware, just that some you get to choose the hardware, others come with their own compact two/three nic computer pre-loaded with a cut-down OS (usually BusyBox) and proprietary routing software. I was reading some months ago an article (El Reg?) which claimed that many of the proprietary offerings have known unpatched flaws (try Google for info). Anecdotally, +1 for Zyxel - I have had no problems over many years, also Asus. I suspect that no-one ever got fired for buying Cisco, I also suspect you pay for the name.
On 21-Dec-2016 11:51 PM, Ken Dibble wrote:
Hi folks,
Looks like our "ancient" (2008) CISCO router has died.
I would appreciate the benefit of your experience regarding hardware vs software routers/firewalls to help me evaluate replacement options.
Our current network uses 1 GB switches and has about 150 machines, and there can be at least that many people simultaneously using the network and our 25 mbps synchronous internet connection (including people hooking into our internet from smart phones and tablets). Most servers, including the domain controller, are virtualized and we are using a SAN for storage (two identical Synology Linux NAS devices). We have a 10 GB switch for virtual server/storage connectivity.
We do not host external (internet) email or websites on our network.
We've had slow growth in the number of machines and users (+/- 5% per year) over the past decade.
We've always used the NAT functionality of the CISCO to provide a firewall and we only rarely allow anything to punch through it. The main exception would be our RDP server, which is in frequent use by between 5 and 10 simultaneous connections.
My understanding is that a software router/firewall running on an ordinary PC is likely to be slower than a dedicated hardware device. However, is the difference so significant for a network like mine as to rule out a cheaper software solution?
Do you have preferences for specific devices or software packages?
What do you all think?
Many thanks.
Ken Dibble www.stic-cil.org
[excessive quoting removed by server]