Does your coworking space use a firewall?

[alison...@clickworkspace.org]

Hoping to get some input on cable Internet setups. Specifically, do you use a firewall as part of your system? What was the decision-making behind that? We're thinking we might be better off without one, or at least to make it an opt-in.

Thanks for sharing,

Alison Klejna, Click Workspace, Northampton, MA

[Alex Hillman]

Jon Markwell has a great (and thorough!) article about how they set up internet at his spot. 

http://jonathanmarkwell.com/2014/11/22/best-coworking-wifi/

Since reading it, we've switched everything to the hardware/software setup he recommended and it's been awesome. 

Besides basic firewall defaults built into the gateway, we aren't blocking anything specific. It's a HUGE drag on support (and a really crappy member experience) when folks go to use something and it doesn't work but they don't know why. 

Instead, we focus on making issues easy to spot and diagnose. In our most recent move, we added some new Unifi hardware, notably their 24 port switch and their USG router/gateway. 

The best part of using the gateway is that now I have this amazing dashboard that I can access from anywhere, including my mobile phone:

If we're having any sort of network issues, I (or my team) can easily see who's potentially causing the issue and go talk to them. 

99 times out of 100, the person who is doing something that causes issues on the network has no idea that what they're doing is causing trouble, or even more often, what they're doing is part of their work so BLOCKING them entirely would be counterproductive. File syncs over dropbox, Youtube uploads, even scheduled cloud backups among a few other things come to mind. Other times they just forgot to turn a program off that's sucking up tons of bandwidth. 

Unifi's Gateway also has a new feature called "Smart Queues" which we've been using for a few weeks and has all but entirely fixed these kinds of problems for us automatically. 

A single Unifi Gateway + 6 of their Unifi AP Pro wireless access points are supporting 100-120 people daily without breaking a sweat. 

We built some extra monitoring tools (mostly because our internet provider, Comcast, is f'ing terrible but we don't have other options) that we will be documenting and open sourcing very soon, along with a more detailed schematic, shopping list, and config suggestions.

At this point, I wouldn't fool around with any hardware except for Unifi. They've given the enterprise tools a massive run for their money at a fraction of the cost, and give the most flexible and friendly tools for managing that my non-technical team members are comfortable helping folks with basic network issues. 

-Alex 

------------------

The #1 mistake in community building is doing it by yourself.

Better Coworkers: http://indyhall.org

Weekly Coworking Tips: http://coworkingweekly.com

My Audiobook: https://theindyhallway.com/ten

--
Visit this forum on the web at http://discuss.coworking.com
---
You received this message because you are subscribed to the Google Groups "Coworking" group.
To unsubscribe from this group and stop receiving emails from it, send an email to coworking+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Jacob Sayles]

I've set up a number of firewalls for spaces and usually go with PFSense.  

[Tom Lewis]

Our network is Meraki and we use their security appliance https://meraki.cisco.com/products/appliances/mx100 which includes a firewall

Main positive point is that it's very easy to configure and operate, even for a non tech like me

Main negative point is that it's very very expensive (lots of ongoing subscription fees, otherwise your system gets shut down), and it's a strong part of an overall weak web access system- the meraki access points are terrible and their support is awful, in 2 years we've never had any response back from them that wasn't completely useless.  We've had so many problems with Meraki, but for the purposes of this reply, none of them have had anything to do with their firewall.

If I was doing it again, I'd stick with the Meraki firewall and go with one of the cheaper competitors- Unifi or Ubiquity for access points and switches

[s...@techsapiens.com]

Hi Tom - 

Full disclosure up front: we are IT guys and also Cisco Meraki partners (amongst other vendors). 

I am curious about your experience with Meraki WiFi. We use & recommend Meraki in coworking spaces with great success and do like the system a lot. That said, I know that despite the nice simple interface, there are still lots of WiFi gotchas, networking best practices and Meraki-specific bits that go into a successful deployment. Once those are taken care of, we think that Meraki APs can be some of the best in the business. 

If you're having problems and want someone who knows Meraki WiFi well to have a look, I would be happy to help. Although we do this kind of work commercially, I am happy to help take a quick look to see if there are any quick & easy suggestions we can make that might help you. 

I can also try and help escalate your support requests if you feel that you haven't been getting the support you need.

Cheers,

Shabad