Re: Firewall Hardware and a bit of a Rant

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Colin wrote:
Hi all,

I need advice on which hardware firewall to purchase for a client
with 20 users. I'm fairly new to SBS and have installed 3 servers. So
far, no major problems. I have installed Premium to use ISA but my
line of thinking is now moving to single NIC with hardware FW
appliance and not relying just on a password to secure a network.
I've read (and appreciated) Leythos's advice on Watchguard Firewalls
but looking at the users forums fills me with dread - Watchguard seem
to think they are Cisco and don't have to provide support to smaller
IT guys because they are so powerful etc.. I need an appliance that
can provide Firewall, Content Filtering and be a VPN server/End Point
and be configurable by a mere mortal like me without having to enrol
in a £1000 per day class. I've looked at the major vendors offerings
and so far I'm stumped which way to go. Cisco in this case is out of
the question because of the cost. Likewise with Watchguard (my
reseller can sell me a X550e for £1100 but need another £1000 to
train me (in 6 hours) how to configure it). Sonicwall seem
approachable but I've no experience with them. Anyone used Juniper ?
If so what do you think ? Easily configurable ? What about D Link
(business line) ? Or Checkpoint Safe@Office line ? If my client
didn't need web filtering, I'd bang a PIX in and use the Cisco VPN
Client for remote access with local database XAuth to provide double
authentication.
Unfortunately, they do so can anyone recommend an appliance that will
cover my needs and be (fairly) straightforward to configure ? Many
thanks.

Regards Colin.

As I recall there were/are three ICSA certified SMB FW's WatchGuard,
Sonicwall, and I think it was PIX.

I'd research those ICSA certified and choose from that list.

--
/kj


.

Relevant Pages

  • Re: Firewall Hardware and a bit of a Rant
    ... I need advice on which hardware firewall to purchase for a client with 20 users. ... I'm fairly new to SBS and have installed 3 servers. ... Watchguard seem to think they are Cisco and don't have to provide support to smaller IT guys because they are so powerful etc.. ... If my client didn't need web filtering, I'd bang a PIX in and use the Cisco VPN Client for remote access with local database XAuth to provide double authentication. ...
    (microsoft.public.windows.server.sbs)
  • RE: Sizing a Firewall for a client
    ... I've recently ditched our slow watchguard products in favour of netscreen. ... Haven't used the small range of the netscreen products but I'd imagine their 5xp ... Sizing a Firewall for a client ... Sizing a Firewall for a client ...
    (Security-Basics)
  • Re: Firewall Hardware and a bit of a Rant
    ... I need advice on which hardware firewall to purchase for a client with 20 ... I'm fairly new to SBS and have installed 3 servers. ... With the X550e you can install it on your own and have it working in ...
    (microsoft.public.windows.server.sbs)
  • Re: FreeBSD firewall block syn flood attack
    ... The servers are being attacked with syn floods and go down ... I don't think a firewall can achieve this, even if it has some matching ... You should tell your client to set CONFIG_SYNCOOKIES ...
    (FreeBSD-Security)
  • RE: Sizing a Firewall for a client
    ... Application firewalls on the desktop and servers are nice ... Zone Alarm and Zone Alarm Pro are good choices as are ... Sizing a Firewall for a client ...
    (Security-Basics)