Cisco Router for your internet connection. Hard to fault. 1603r. Well
documented, supported, and lots of available info on configuring.
Firewall :
Cisco PIX are cryptic to configure. IOS etc.
Firewall 1 is expensive, and every option is an additional cost. Firewall 1
250 node RRP is £12k stg, with Floodgate Bandwidth Mgmt another £1700stg.
High Maintenance Costs. Expensive VPN licences. As std, runs on normal PC,
with hardened OS , requires multiple NIC (quad nic £400stg) etc
Best Alternative allowing scalability / expandability.
Netscreen 50 - 8000 concurrent IP connections, 100 concurrent VPN tunnels,
Web Gui for configuring, reporting to std Syslog, WebSense integration for
URL blocking / filtering, Trend supported Virus Scanning, FREE Bandwidth
Mgmt by IP (FW1 does by IP and User but Netscreen is free), 100 user VPN
pack £180stg, Reporting module extra, etc -> everything is an extra cost !
Netscreen, Cisco Pix and FW1 top 3 firewalls. Netscreen done well in US
market, and expanding in Europe. Does everything the others do, but has
Traffic Mgmt, Hardware Firewall appliance (4 ethernet ports), etc included
in the price. Which for our company was 40% of the cost of the firewall
solution ! In times of a recession, waste not want not !
Previously we used a Sonicwall Soho, and as Leon says, there are nifty
features in it. It worked perfectly well for web access / protection for 50
odd users for 2 years - no problems, easy to configure, reporting, etc
Cheers
-----Original Message-----
From: David Ellis [mailto:[EMAIL PROTECTED]]
Sent: 16 January 2002 00:21
To: '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'
Subject: RE: RE: Security for new small company
I agree whole heartedly!
Sincerely,
David Ellis
Systems Engineer
Tecnomatix - Unicam Inc.
Two International Drive - Suite 150
http://www.tecnomatix-unicam.com
603.766.9664 Tel (Direct)
603.765.3341 Mobile
603.431.9516 Fax
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 2:32 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: RE: Security for new small company
I think that the better solution for your issue are CheckPoint and Cisco
solution, because these solutions are scalable, manageable and most"known"
in the market today. If in the future you want to host the website and the
mail server you must implement a solution like that.
Try to get an evaluation copy of Firewall-1 or Cisco Pix (506 or 515R) with
some vendor and do some labs with it.
Best regards.
Kleber
Burt0n <[EMAIL PROTECTED]> wrote:
>Hi,
>
>I must admit i did wonder about a watchguard or sonicwall. Are these
products seen as being adequate though?
>
>Thanks
>
>Ben
>
>
>On Thu, 10 January 2002, Kleber S Oliveira wrote:
>
>> Subject: RE: Security for new small company
>> To: [EMAIL PROTECTED] (Ben), [EMAIL PROTECTED]
>> Delivered-To: [EMAIL PROTECTED]
>> From: [EMAIL PROTECTED] (Kleber S Oliveira)
>> Received: (cpmta 19170 invoked from network); 10 Jan 2002 10:45:36 -0800
>> Received: from 64.12.136.164 (HELO imo-m09.mx.aol.com)
>> by smtp.c016.snv.cp.net (209.228.33.196) with SMTP; 10 Jan 2002
10:45:36 -0800
>> Received: from [EMAIL PROTECTED]
>> by imo-m09.mx.aol.com (mail_out_v31_r1.9.) id l.5.2b511fe (16225);
>> Thu, 10 Jan 2002 13:45:31 -0500 (EST)
>> Received: from
>> netscape.com (mow-m02.webmail.aol.com [64.12.184.130]) by
air-in02.mx.aol.com (v82.22) with ESMTP id MAILININ21-0110134531; Thu, 10
Jan 2002 13:45:31 -0500
>> Content-Length: 1511
>> Content-Type: text/plain; charset=iso-8859-1
>> Return-Path: <[EMAIL PROTECTED]>
>> X-Received: 10 Jan 2002 18:45:36 GMT
>> Date: Thu, 10 Jan 2002 13:45:31 -0500
>> Message-Id: <[EMAIL PROTECTED]>
>> X-Mailer: Atlas Mailer 1.0
>>
>> Hello Ben,
>>
>> You could buy Watchguard (SOHO) or Cisco PIX (506). These fw are for
small companies or branch offices that have small throughput.
>>
>> But if you want to create a DMZ with the mail server and website you
could buy a Cisco PIX 515R that has three or more ethernet interfaces to do
it. This solution is better and more scalable.
>>
>> Any doubts don't hesitate to ask.
>>
>> Regards
>>
>> Kleber
>>
>> Ben <[EMAIL PROTECTED]> wrote:
>>
>> >
>> >
>> >Hi,
>> >
>> >I work for a new small company, and have been
>> >asked to look into security with regard to our LAN and
>> >web connection. I am from a technical background
>> >but could do with some advice in the security area.
>> >
>> >Our LAN is a w2k domain with 10 clients all running
>> >win2k. We are going to have a DSL connection put in
>> >soon and i'm thinking about firewalls and
>> >server 'locking down'.
>> >
>> >Ideally we would like a hardware soloution for the
>> >firewall, at present our website + email is with a
>> >hosting company. Within 12-18 months though this
>> >may change to hosting the site + email ourselves.
>> >
>> >Could anybody recommend firewalls/security
>> >products - and what ever soloution we go for what
>> >must they be able to do?
>> >
>> >Many thanks
>> >
>> >Ben
>> >
>> --
>>
>>
>>
>>
>> __________________________________________________________________
>> Your favorite stores, helpful shopping tools and great gift ideas.
Experience the convenience of buying online with Shop@Netscape!
http://shopnow.netscape.com/
>>
>> Get your own FREE, personal Netscape Mail account today at
http://webmail.netscape.com/
>
>
>Find the best deals on the web at AltaVista Shopping!
>http://www.shopping.altavista.com
>
--
__________________________________________________________________
Your favorite stores, helpful shopping tools and great gift ideas.
Experience the convenience of buying online with Shop@Netscape!
http://shopnow.netscape.com/
Get your own FREE, personal Netscape Mail account today at
http://webmail.netscape.com/
