Re: Zywall 10 II or Zywall 50

From: Robert Side (hmrside@hotmail.com)
Date: 08/13/02


From: Robert Side <hmrside@hotmail.com>
Date: Tue, 13 Aug 2002 17:19:45 GMT

Dale <dcunningham@sunshinesoftware.com> wrote:
> Hello,

> I run a small web hosting company and have been getting hammered by
> the hackers. I'm looking for a solution that will allow 20 or more
> public IP addresses (sites with their own IP address) to be allowed to
> pass through a firewall. Is this done by an IP routing table? Perhaps
> some kind of DNS check on my server to authenticate that a particular
> web as being served and then the request allowed to pass to the web
> server?

> I'm looking at the following features:
> 1. Stateful packet inspection (required by me for security)
> 2. VPN capability for while I'm out in the field making sales where I
> can dial up to a third party ISP and then connect to the network (right
> now I'm using Terminal Services)
> 3. Web based configurator
> 4. Plenty of throughput for my webhosted customers through ftp, http &
> email (all 3 servers on the same machine).
> 5. Multi NAT & DDNS ?

I don't think the Zywall 10 will handle 20 public IP addresses. The
"Addr Mapping" table only has room for 10 one-to-one NAT entries. If your
public IPs are contiguous, you can use the many-to-many or the
many-to-one NAT capabilities. I am unsure of the Zywall 50 and if
the "50" corresponds only to the 50 VPN connections. Talk to Zyxel; they
are very prompt with their answers.

IMHO, you shouldn't be using 20 IP addresses anyway. If all you are
serving is WWW, FTP and SMTP, you really should be looking at
name-based virtual hosting. In that case, the Zywall 10 will easily
suffice.

Another option, if you don't need the VPN, is to configure a Leaf/Bering
firewall (www.leaf-project.org). Not web configurable but nonetheless
very easy to use.

Rob

-- 
Rob's paradox: If you have an equal choice between two options,
you will choose the wrong option 90% of the time.


