Do you have a preferred vendor for your network gear?

I’ll go first:

  • Firewalls: Fortinet, ASA, Palo Alto
  • Route/Switch: Cisco, HPE/Aruba
  • Wireless: Aruba, Cisco, Meraki
  • Auth: NPS, ISE, ClearPass
  • Monitoring: SolarWinds, Auvik, PRTG
  • Automation: Ansible
  • SDWAN: PA Prisma SDWAN, Fortinet, Velocloud
  • borari
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    2 years ago

    I got a lot of exposure to MikroTik’s route/switch devices when I worked at a WISP and really came to love them.

    Wireless: Aruba, Cisco, Meraki

    I know what you meant when you said “Wireless”, but I’m going to go with Siklu for their Kilo EtherHaul 70/80GHz radios that can no shit do 10Gbps links up to like 10 miles in ideal conditions.

    • manifexOPM
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      Ooooh, I gotta look this up. Love PtP links.

    • ggiesen@lemmy.ca
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      Yeah we use a fair bit of Mikrotik as well. They’re great for the price, and work well as long as you stick to what they’re good at.

  • ggiesen@lemmy.ca
    link
    fedilink
    English
    arrow-up
    4
    ·
    2 years ago
    • Firewalls: Fortinet, Juniper
    • Route/Switch: Juniper
    • Wireless: God please no
    • Auth: FreeRADIUS
    • Monitoring: Zabbix
    • Automation: Salt
    • SDWAN: Fortinet
    • manifexOPM
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      Zabbix is great, I’ve rolled an instance of that. Also did extensive work with FreeRADIUS - that’s one big conf file.

      • ggiesen@lemmy.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 years ago

        The key to FreeRADIUS is to auto-generate the config, and use something like SQL or LDAP as an auth source.

        • manifexOPM
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 years ago

          Yeah, unfortunately, the use case I was implementing it for was 802.1X with certificates… that was fun!

          • Lemmington@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 years ago

            Once upon a time I setup the same thing and it was a PITA, and we didn’t want to use it in production. We’ve just setup PacketFence which uses FreeRadius and it was an absolute breeze by comparison

  • Leigh@lemmy.ml
    link
    fedilink
    English
    arrow-up
    4
    ·
    2 years ago

    Juniper for R/S, Palo for firewalls. At home I use pfsense and UniFi APs and in that environment they’re great.

    • manifexOPM
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 years ago

      Ha! At home I run a Ubiquiti stack with my lab hung off it (switches, ASA, FortiGate).

  • Sauce
    link
    fedilink
    English
    arrow-up
    3
    ·
    2 years ago

    Wait, Cisco == Meraki ;)

    I work for Aruba (outing myself on my first post on Lemmy, smooth move dude) but I see Mist marketing themselves everywhere in the space, interested on people’s take on them.

    • manifexOPM
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      Wait, HPE == Aruba?

      Lol! I get hounded by Mist, but haven’t taken a real look at them. I’m breaking myself in at a Fortune company… about three months in. So I’m spending my time on getting up to speed. I’ll take a look at them though, and let you know what I think.

      • Sauce
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 years ago

        LOL more like Aruba == HPE, at least that’s what we tell ourselves.

        • manifexOPM
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 years ago

          The folder in my Vendors folder says ‘Aruba,’ don’t worry! After CommWare got sidelined for Aruba’s OS, I could tell.

  • Callum
    link
    fedilink
    English
    arrow-up
    3
    ·
    2 years ago

    Juniper Routers and Switches are solid, firewalls are ok but pretty easily outclassed by a Forti or Palo these days

    Juniper Mist for Wi-Fi is awesome, much better than other wireless solutions I’ve used personally

  • hondenkop@lemmy.ml
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 years ago

    Personally I love Fortis for firewalls and SDWAN, Huawei for routing, switching and WLAN. Clearpas for Auth. I do not have a lot of experience in different Monitoring softwares but am quite used to solarwinds.

    • manifexOPM
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      Anything using SNMP, SSH, and NetFlow gets me what I need. Oh, and easy packet captures.

  • breadsmasher
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 years ago

    Id definitely include docker under automation. for monitoring we have started using managedEngine

    • manifexOPM
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      ManageEngine is good. IMO, if you can do ICMP, SNMP, NetFlow, and SSH (for config mgmt), you’re good. Bonus points for API integration!

  • TheDudeA
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 years ago

    No Arista? It’s been really great from my perspective. basically identical to the Cisco IOS!

    • manifexOPM
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      Oh, I really like Arista, but haven’t had the opportunity to put into production. I only really see it with carrier deployments in my experience, but would be open to checking them out.

  • ball_soup@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    2 years ago

    This seems to be a divisive opinion, but I like Mikrotik routers. I run an RB3011 at home, and at the TV station I work at we have a transport stream out of the station to one of the transmitter sites over a GRE tunnel on two RB4011s. They aren’t as easy to support as Cisco but I like them.

    We have an Aruba which is only ok, and several HP Procurve switches that are very simple and easy to manage. No fancy interface that takes up screen space or resources.

    For monitoring, I use CheckMK and I just got done installing NetDisco. CheckMK installation is easy but the configuration is daunting because I could monitor literally whatever I want as long as there’s data for it, and then alerting is another layer of complexity and decision-making added onto it.

    I installed NetDisco because I wanted something that could show me a very basic “automated” network map. The TV station is 40 years old and has random things plugged in under floors and behind walls controlling lights and similar auxiliary devices, and it’s hard to tell exactly what is where or what that thing does. I’m pairing this with a Netbox installation that will serve as a source of truth for the hundreds of network cables, hundreds of audio cables, hundreds of GPI cables, and thousands of video cables and all of our racks of hardware so everything is listed in one spot and I can easily see what it’s associated with (example: interface 27 on switch 2 is associated with cable 2385. Cable 2385 is also associated with camera 6. Camera 6 has Audio 512 and GPI 73 plugged in). Netbox also has the ability to manage an asset inventory, which would add another useful tool.

    I apologize for rambling. Finally getting solid documentation on the physical and logical topology of my station is exciting.

    • manifexOPM
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 years ago

      Finally getting solid documentation on the physical and logical topology of my station is exciting.

      It’s the best. Watch out for hidden 4-port switches under desks… I swear those fuckers are like cockroaches.

      • [email protected]A
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Doing Bpdu guard, port security, 802.1x everywhere.
        Haven’t had to deal with a 4-port roach in ages.

    • aon@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      2 years ago

      I like MikroTik too. I kind of understand the dislike some people have for MT, but on the other hand a lot of it seems to be based on misunderstandings and outdated information.

      Juniper isn’t too bad either.

      Not much experience with “corporate firewalls” (besides MT / Juniper SRX), but having seen Fortinet, it doesn’t look too great.

  • Stimmed@reddthat.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 years ago

    Depends on the load, budget for capex and opex, and what the network will be running :)

    I liked HP procurve before the Aruba firmware was introduced. For wireless, I used to like Ruckus 5 years ago. Cannot stand the move to cloud management that all the WAP vendors seem to require.

    For auth, the click verify of duo is pretty nice if the security of a physical OTP device isn’t needed.

    For firewalls… ASA if NSA isn’t in the threat profile.