Hi Nicole; My first question would be; what are the HIPAA requirements for this? That will dictate what you can do- the type(s) of authentication, verification, encryption level, confidentiality, etc., that are allowable.
What exactly are your needs? Are you trying to prevent unauthorized users from accessing your users home/office computers, or are your needs client authentication to your network, or a combination? Is the webserver that your clients need to access on a VPN, intranet/extranet or on the Internet? Does your solution require an audit from a third party? In my experience, a hardware based product will give you better performance than a software based product. The downside is that hardware costs are a little higher and require a little more configuration. For some of my real estate clients (escrow and brokerage offices), the SMC Barricade (http://www.smc.com/index.cfm?action=products_show_product&productcode=SMC70 04ABR) offered all of the features that are required, at a cost of around $75. A good software based product would be ZoneAlarm Pro (http://www.zonelabs.com). I hope this helps! Kent Freeman NexxtNetworks -----Original Message----- From: Nicole Tutt [mailto:[EMAIL PROTECTED]] Sent: Friday, July 12, 2002 10:14 AM To: [EMAIL PROTECTED] Subject: Personal Firewalls My company has a VERY distributed user base with many people working from small satellite sites and/or from home. I would love suggestions for a PC level firewall that would protect from intrusions and also whether hardware v. software solutions would be best. We deal with medical records so privacy of the data is imperative. The basic case scenario is a user working from home and connecting to the internet via cable/dsl/dial-up via an ISP to access mail (webaccess) and upload or download data(via SSL to our public web server) that may contain patient information. Thanks Nicole