RE: Firewall opinions wanted please - clarification
As much as I hate to follow up my own post, I suppose I was a bit too vauge for my own good =] We do not run any cisco gear and we are in a Class A data facility. By proxy I did not mean to imply NAT. I cannot remember the proper term but what I mean is full packet handeling as opposed to packet inspection. Security is important but the budget limit is only up to about 3K. I have been trying to get the client a firewall for some time and am just now getting the go ahead. Sorry for any vaugeness but I usually like to not say to much as to sway opinions one way or another and to learn more as any knowlege I have may be wrong or out of date. Nicole On 16-Mar-04 Unnamed Administration sources reported Nicole said : Hi I am looking for a good but reasonably priced firewall for a 40 or so server site. Some people swear by Pix, others swear at it a lot. Also I have heard good things about Netscreen. Or any others you would recommend for protecting servers on a busy network. Don't really need anything with VPN just the standard http, ftp, ssh, https, type traffic up to 100mb throughput. From what I have heard a proxy firewall would be best? Thanks in advance!! Nicole
Re: Firewall opinions wanted please - clarification
Sonicwall makes a great product that can run in STANDARD (Proxy) mode. Their prices are pretty good as well, espicially if you buy them through a reseller. We deploy many of these firewalls every year and they are great! Thanks, Brandon On Tue, 16 Mar 2004 15:07:26 -0800 (PST) Nicole [EMAIL PROTECTED] wrote: As much as I hate to follow up my own post, I suppose I was a bit too vauge for my own good =] We do not run any cisco gear and we are in a Class A data facility. By proxy I did not mean to imply NAT. I cannot remember the proper term but what I mean is full packet handeling as opposed to packet inspection. Security is important but the budget limit is only up to about 3K. I have been trying to get the client a firewall for some time and am just now getting the go ahead. Sorry for any vaugeness but I usually like to not say to much as to sway opinions one way or another and to learn more as any knowlege I have may be wrong or out of date. Nicole On 16-Mar-04 Unnamed Administration sources reported Nicole said : Hi I am looking for a good but reasonably priced firewall for a 40 or so server site. Some people swear by Pix, others swear at it a lot. Also I have heard good things about Netscreen. Or any others you would recommend for protecting servers on a busy network. Don't really need anything with VPN just the standard http, ftp, ssh, https, type traffic up to 100mb throughput. From what I have heard a proxy firewall would be best? Thanks in advance!! Nicole
Re: Firewall opinions wanted please - clarification
You mean _PROTOCL HANDELING_, I believe. I do not know, why people are paying so much attention to it. Important questions are: - which services are you providing for the public? - who will handle all your SSL sessions, if any (may be, Load Balancers? Then you do not bother about FW proxy for them); - who will handle all http requests (yes, proxy can help here, but it is not the only way); - who will inspect mail content (not SMTP protocol, but attachments etc)? - who will handle your ssh sessions, if you have inbound shh? - who will handle your inbound VPN or PPTP, if you use it? - are DDOS attacks dangerous for you (you host SCO, for example) or not (you provide specific servic for 100 companies, not for wide public); - do you use host level IDS / change control? PIX is excellent firewall... for many purposes, but not for others (and not as a proxy, of course). It is impossible to select anything without knowing answers on this questions... AlexeiRoudnev As much as I hate to follow up my own post, I suppose I was a bit too vauge for my own good =] We do not run any cisco gear and we are in a Class A data facility. By proxy I did not mean to imply NAT. I cannot remember the proper term but what I mean is full packet handeling as opposed to packet inspection. Security is important but the budget limit is only up to about 3K. I have been trying to get the client a firewall for some time and am just now getting the go ahead. Sorry for any vaugeness but I usually like to not say to much as to sway opinions one way or another and to learn more as any knowlege I have may be wrong or out of date. Nicole On 16-Mar-04 Unnamed Administration sources reported Nicole said : Hi I am looking for a good but reasonably priced firewall for a 40 or so server site. Some people swear by Pix, others swear at it a lot. Also I have heard good things about Netscreen. Or any others you would recommend for protecting servers on a busy network. Don't really need anything with VPN just the standard http, ftp, ssh, https, type traffic up to 100mb throughput. From what I have heard a proxy firewall would be best? Thanks in advance!! Nicole
