All ... update on Peplink:
First, some basic information:
1) They don't have unified threat management.
2) they have very strong features around WAN load balancing -- they even handle absolute data caps per month. They are the only hardware vendor we know of which provides that functionality. Essentially, their devices were designed around data cards and USB devices connecting to 3g/4g networks, so they have features to support these. In this way they are a good fit for the Verizon WAN's.
There are a lot of options for using various Peplink devices. We'd appreciate any thoughts on these options:
1) Their Pepilnk 30 ($400) could be used to perform the load balancing across all three WAN's (T-1, Verizon #1, Verizon #2). This device could then be plugged into the back of our existing Watchguard firewall which would maintain the UTM and other basic firewall functions. QOS and some basic traffic prioritization would be moved off the firewall to the Peplink 30. Not very rich functionality on the traffic shaping options, though.
2) We could attach the Verizon services to a Peplink 30 ($400) and the output of the Pepllink as well as the T-1 to the back of our existing Watchguard firewall. This would allow the firewall to perfom the "spillover" functionality while the Peplink would load balance the two Verizon services. This would leave QOS and some other traffic prioritization on the firewall. But even with the firewall participating in the load balancing, we still would not get very rich traffic shaping functionality.
3) We could purchase a Balance 380 or above, which would give us their "Bandwidth Management" functionality. This would give us very flexible much richer bandwidth shaping around users, ranges of IP addresses and even target domains. However, it would not allow us to control, say all 'video' on all websites. It would replace most of the firewall functionality except UTM. So we would still want to leave the firewall in place.
More to come ....