MADMAN wrote: > > money no object, hardware based > > money an object, CBAC works well > > no moe money, ACLs > > Dave
With such a small site, personal firewall software on each of the computers might be a good option too. That could work out to be pretty cost-effective and certainly easy to install and configure. For additional security, combine the personal firewalls with access-control lists (ACLs) on the router or the Context-Based Access Control (CBAC) firewall feature set for the router. Elijah's BSD firewall looks like a good option too, especially considering it's an intrusion detection system (IDS) too. If the customer knows some UNIX and doesn't have money to spend, this would be a great choice. And James, please give your friend a bit of a talking to. ;-) Not using firewalls in this day and age is shockingly unwise. Please have him check all the computers for worms or Trojan horses that are busy attacking the rest of us. Thanks. Priscilla > > James Gruggett wrote: > > > > I have a friend that has a T1 going into his 1700 series > cisco router. > > His ISp has stated that someone has hacked into his Win2k > server and > > that he must put a firewall in place. > > > > Do you reccomend a software or hardware based firewall and > what type. > > > > The network consist of 1 server, 1 switch, ans 10 > workstations. > > > > Thanks > > > > [GroupStudy.com removed an attachment of type text/x-vcard > which had a name > > of james.gruggett.vcf] > -- > David Madland > CCIE# 2016 > Sr. Network Engineer > Qwest Communications > 612-664-3367 > > "You don't make the poor richer by making the rich poorer." > --Winston > Churchill > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57904&t=57893 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
