Re: Firewall for small biz

[Andrew S. Baker]

I'll reiterate the Fortigate family of devices...

-ASB: http://XeeSM.com/AndrewBaker


On Tue, May 25, 2010 at 4:06 PM, David Lum  wrote:

> Sorry about the delay. This client is a law firm and I recently got them
> PCI compliant. I would like filtering and IDS if possible, but bigger
> emphasis is plug and forget - I bill these guys for perhaps 20 hours of
> work/year, so I don't want to spend 3-4hours configuring something if I
> don't really have to (however, they have never had any issue with
> time/expenses I can justify).
>
> The Internet connection is some ADSL-type (download is something like
> 2Mbps, upload is paltry 512K or something). Their web server is in-house and
> not hosted elsewhere.
>
> Dave
>
> -Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Friday, May 21, 2010 3:21 PM
> To: NT System Admin Issues
> Subject: Re: Firewall for small biz
>
> On Thu, May 20, 2010 at 1:43 PM, David Lum  wrote:
> > I have a 17-user client (one SBS server, same one discussed with the
> PE840)
> > with a 5+yr old SonicWALL SOHO firewall and I believe it's time to
> upgrade
> > them to something more current. They used to VPN but have found SBS
> remote
> > access much faster.
> >
> > What kinds of things should I look for in a new workgroup firewall?
>
>   It really depends on what you're looking to have it do, and the expected
> load.
>
>  Say it's a typical consumer Internet connection (cable, DSL, etc.),
> and all they're doing is web surfing and email and remote access, and
> they're using SBS to remote in, and they're not looking for any kind
> of filtering, deep inspection, intrusion detection, etc.  In that
> case, you could use an old PC running "free" firewall "appliance"
> software like IPcop, pfsense, etc.  Or a SOHO gateway running
> third-party firmware like DD-WRT.
>
>  If you're looking for more advanced features... tell us what you're
> looking for.  :-)
>
> -- Ben
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Firewall for small biz

[David Lum]

Sorry about the delay. This client is a law firm and I recently got them PCI 
compliant. I would like filtering and IDS if possible, but bigger emphasis is 
plug and forget - I bill these guys for perhaps 20 hours of work/year, so I 
don't want to spend 3-4hours configuring something if I don't really have to 
(however, they have never had any issue with time/expenses I can justify).

The Internet connection is some ADSL-type (download is something like 2Mbps, 
upload is paltry 512K or something). Their web server is in-house and not 
hosted elsewhere.

Dave

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Friday, May 21, 2010 3:21 PM
To: NT System Admin Issues
Subject: Re: Firewall for small biz

On Thu, May 20, 2010 at 1:43 PM, David Lum  wrote:
> I have a 17-user client (one SBS server, same one discussed with the PE840)
> with a 5+yr old SonicWALL SOHO firewall and I believe it's time to upgrade
> them to something more current. They used to VPN but have found SBS remote
> access much faster.
>
> What kinds of things should I look for in a new workgroup firewall?

  It really depends on what you're looking to have it do, and the expected load.

  Say it's a typical consumer Internet connection (cable, DSL, etc.),
and all they're doing is web surfing and email and remote access, and
they're using SBS to remote in, and they're not looking for any kind
of filtering, deep inspection, intrusion detection, etc.  In that
case, you could use an old PC running "free" firewall "appliance"
software like IPcop, pfsense, etc.  Or a SOHO gateway running
third-party firmware like DD-WRT.

  If you're looking for more advanced features... tell us what you're
looking for.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Firewall for small biz

[Jay Dale]

Sonicwall TZ210

Jay Dale
I.T. Manager, 3GiG
Mobile: 713.299.2541
Email: jay.d...@3-gig.com

Confidentiality Notice: This e-mail, including any attached files, may contain 
confidential and/or privileged information for the sole use of the intended 
recipient. If you are not the intended recipient, you are hereby notified that 
any review, dissemination or copying of this e-mail and attachments, if any, or 
the information contained herein, is strictly prohibited. If you are not the 
intended recipient (or authorized to receive information for the intended 
recipient), please contact the sender by reply e-mail and delete all copies of 
this message.


From: David Lum [mailto:david@nwea.org]
Sent: Thursday, May 20, 2010 12:43 PM
To: NT System Admin Issues
Subject: Firewall for small biz

I have a 17-user client (one SBS server, same one discussed with the PE840) 
with a 5+yr old SonicWALL SOHO firewall and I believe it's time to upgrade them 
to something more current. They used to VPN but have found SBS remote access 
much faster.

What kinds of things should I look for in a new workgroup firewall? Budget is 
probably in the $500-$700 range. Anyone have some good links for me to read up 
on? Recommendations? I just watched a McAfee/Gartner on "Next Generation" 
firewalls 
(HERE), 
but some if it seems a bit complex to manage for a small shop.

However I want to be aware of current thinking in SMB firewall/IPS devices.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Firewall for small biz

[justino garcia]

PFsense (FreeBSD based), I like it simple to use, and stable (use a
supermicro case 1u, with more then one ethernet jack), and 512mb of ram or
more and you should be fine.

On Fri, May 21, 2010 at 6:21 PM, Ben Scott  wrote:

> On Thu, May 20, 2010 at 1:43 PM, David Lum  wrote:
> > I have a 17-user client (one SBS server, same one discussed with the
> PE840)
> > with a 5+yr old SonicWALL SOHO firewall and I believe it’s time to
> upgrade
> > them to something more current. They used to VPN but have found SBS
> remote
> > access much faster.
> >
> > What kinds of things should I look for in a new workgroup firewall?
>
>   It really depends on what you're looking to have it do, and the expected
> load.
>
>  Say it's a typical consumer Internet connection (cable, DSL, etc.),
> and all they're doing is web surfing and email and remote access, and
> they're using SBS to remote in, and they're not looking for any kind
> of filtering, deep inspection, intrusion detection, etc.  In that
> case, you could use an old PC running "free" firewall "appliance"
> software like IPcop, pfsense, etc.  Or a SOHO gateway running
> third-party firmware like DD-WRT.
>
>  If you're looking for more advanced features... tell us what you're
> looking for.  :-)
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Firewall for small biz

[Ben Scott]

On Thu, May 20, 2010 at 1:43 PM, David Lum  wrote:
> I have a 17-user client (one SBS server, same one discussed with the PE840)
> with a 5+yr old SonicWALL SOHO firewall and I believe it’s time to upgrade
> them to something more current. They used to VPN but have found SBS remote
> access much faster.
>
> What kinds of things should I look for in a new workgroup firewall?

  It really depends on what you're looking to have it do, and the expected load.

  Say it's a typical consumer Internet connection (cable, DSL, etc.),
and all they're doing is web surfing and email and remote access, and
they're using SBS to remote in, and they're not looking for any kind
of filtering, deep inspection, intrusion detection, etc.  In that
case, you could use an old PC running "free" firewall "appliance"
software like IPcop, pfsense, etc.  Or a SOHO gateway running
third-party firmware like DD-WRT.

  If you're looking for more advanced features... tell us what you're
looking for.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Firewall for small biz

[Andy Shook]

+1 on Fortigate.  I've got hundreds of these throughout the data centers...

Shook

From: Rob Bonfiglio [mailto:robbonfig...@gmail.com]
Sent: Thursday, May 20, 2010 4:56 PM
To: NT System Admin Issues
Subject: Re: Firewall for small biz

I was going to suggest looking at Fortigate as well.
On Thu, May 20, 2010 at 3:04 PM, Andrew S. Baker 
mailto:asbz...@gmail.com>> wrote:
Look at the Fortigate 50 firewall from Fortinet.

Lots of features in the price range you're looking for, and easy configuration.

-ASB: http://XeeSM.com/AndrewBaker<http://xeesm.com/AndrewBaker>

On Thu, May 20, 2010 at 1:43 PM, David Lum 
mailto:david@nwea.org>> wrote:
I have a 17-user client (one SBS server, same one discussed with the PE840) 
with a 5+yr old SonicWALL SOHO firewall and I believe it's time to upgrade them 
to something more current. They used to VPN but have found SBS remote access 
much faster.

What kinds of things should I look for in a new workgroup firewall? Budget is 
probably in the $500-$700 range. Anyone have some good links for me to read up 
on? Recommendations? I just watched a McAfee/Gartner on "Next Generation" 
firewalls 
(HERE<http://www.itbriefingcenter.com/programs/gartner_1135_mcafee_bd.html>), 
but some if it seems a bit complex to manage for a small shop.

However I want to be aware of current thinking in SMB firewall/IPS devices.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025
// (Cell) 503.267.9764
















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Firewall for small biz

[Rob Bonfiglio]

I was going to suggest looking at Fortigate as well.

On Thu, May 20, 2010 at 3:04 PM, Andrew S. Baker  wrote:

> Look at the Fortigate 50 firewall from Fortinet.
>
> Lots of features in the price range you're looking for, and easy
> configuration.
>
> -ASB: http://XeeSM.com/AndrewBaker 
>
>
>  On Thu, May 20, 2010 at 1:43 PM, David Lum  wrote:
>
>>   I have a 17-user client (one SBS server, same one discussed with the
>> PE840) with a 5+yr old SonicWALL SOHO firewall and I believe it’s time to
>> upgrade them to something more current. They used to VPN but have found SBS
>> remote access much faster.
>>
>>
>>
>> What kinds of things should I look for in a new workgroup firewall? Budget
>> is probably in the $500-$700 range. Anyone have some good links for me to
>> read up on? Recommendations? I just watched a McAfee/Gartner on “Next
>> Generation” firewalls 
>> (HERE),
>> but some if it seems a bit complex to manage for a small shop.
>>
>>
>>
>> However I want to be aware of current thinking in SMB firewall/IPS
>> devices.
>>
>> *David Lum** **// *SYSTEMS ENGINEER
>> NORTHWEST EVALUATION ASSOCIATION
>> (Desk) 971.222.1025
>> *// *(Cell) 503.267.9764
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Firewall for small biz

[Steve Ens]

Sonicwall TZ-210/190 - easy to manage, fast and reliable.  I have ten of
them all across Canada and they've been excellent.

On Thu, May 20, 2010 at 12:43 PM, David Lum  wrote:

>  I have a 17-user client (one SBS server, same one discussed with the
> PE840) with a 5+yr old SonicWALL SOHO firewall and I believe it’s time to
> upgrade them to something more current. They used to VPN but have found SBS
> remote access much faster.
>
>
>
> What kinds of things should I look for in a new workgroup firewall? Budget
> is probably in the $500-$700 range. Anyone have some good links for me to
> read up on? Recommendations? I just watched a McAfee/Gartner on “Next
> Generation” firewalls 
> (HERE),
> but some if it seems a bit complex to manage for a small shop.
>
>
>
> However I want to be aware of current thinking in SMB firewall/IPS devices.
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Firewall for small biz

[Andrew S. Baker]

Look at the Fortigate 50 firewall from Fortinet.

Lots of features in the price range you're looking for, and easy
configuration.

-ASB: http://XeeSM.com/AndrewBaker


On Thu, May 20, 2010 at 1:43 PM, David Lum  wrote:

>  I have a 17-user client (one SBS server, same one discussed with the
> PE840) with a 5+yr old SonicWALL SOHO firewall and I believe it’s time to
> upgrade them to something more current. They used to VPN but have found SBS
> remote access much faster.
>
>
>
> What kinds of things should I look for in a new workgroup firewall? Budget
> is probably in the $500-$700 range. Anyone have some good links for me to
> read up on? Recommendations? I just watched a McAfee/Gartner on “Next
> Generation” firewalls 
> (HERE),
> but some if it seems a bit complex to manage for a small shop.
>
>
>
> However I want to be aware of current thinking in SMB firewall/IPS devices.
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Firewall for small biz

[Angus Scott-Fleming]

On 20 May 2010 at 10:43, David Lum  wrote:

> I have a 17-user client (one SBS server, same one discussed with the
> PE840) with a 5+yr old SonicWALL SOHO firewall and I believe it´s time to
> upgrade them to something more current. They used to VPN but have found SBS
> remote access much faster. What kinds of things should I look for in a new
> workgroup firewall? Budget is probably in the $500-$700 range. Anyone have
> some good links for me to read up on? Recommendations? I just watched a
> McAfee/Gartner on "Next Generation" firewalls (HERE), but some if it seems a
> bit complex to manage for a small shop. However I want to be aware of current
> thinking in SMB firewall/IPS devices.

I use IPCop in situations like this.

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Firewall for small biz

[Erik Goldoff]

I would still look at the low end Cisco ASA 5505 and the Juniper SSG (
replaced the Netscreen 5GT )

On Thu, May 20, 2010 at 1:43 PM, David Lum  wrote:

>  I have a 17-user client (one SBS server, same one discussed with the
> PE840) with a 5+yr old SonicWALL SOHO firewall and I believe it’s time to
> upgrade them to something more current. They used to VPN but have found SBS
> remote access much faster.
>
>
>
> What kinds of things should I look for in a new workgroup firewall? Budget
> is probably in the $500-$700 range. Anyone have some good links for me to
> read up on? Recommendations? I just watched a McAfee/Gartner on “Next
> Generation” firewalls 
> (HERE),
> but some if it seems a bit complex to manage for a small shop.
>
>
>
> However I want to be aware of current thinking in SMB firewall/IPS devices.
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~