Re: Firewall recommendation
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 02/24/04
- Previous message: Mike: "Help for novice with ICF, Router h/w Firewall and McAfee s/w Firewall"
- In reply to: jpi: "Firewall recommendation"
- Next in thread: jpi: "Re: Firewall recommendation"
- Reply: jpi: "Re: Firewall recommendation"
Date: Mon, 23 Feb 2004 23:03:04 GMT
Though not really designed to be a firewall, you might look into using IPsec
filtering which uses only permit/deny filter actions and no negotiation for ESP/AH.
The benefit is that it is built in to the OS, can be applied via Group Policy or
configured remotely via Terminal Services Remote Administration, does not BSOD, has
low overhead, policy can be exported/imported, but does not have any default logging
which does not seem to be a consideration for you anyhow. I have used it on my small
network computers and start with a "block all" mirrored rule, then add a permit all
rule for the LAN subnet, and then add rules for the exceptions to be allowed from the
Internet if any. It is a bit more difficult to configure as you cannot create a list
or range of ports in a filter, the rules are applied in such a way that specific
rules override general rules, and you still have to choose an authentication method
even though none is used; I just select Kerberos, which will be default anyhow. If
interested, see the links below including how to disable default IPsec
exemptions.
--- Steve
http://www.securityfocus.com/infocus/1559
http://support.microsoft.com/default.aspx?scid=kb;en-us;811832
"jpi" <jpis@free.fr> wrote in message news:403a177b$0$28136$636a15ce@news.free.fr...
> Hello,
>
> Could someone recommend a simple yet good software firewall for win2K
> server. The firewall is to be run 7/7 on the server, that means
>
> * No BSOD (never ever stop the server)
> * Logs may be cycled daily (or no log at all)
> * No pop-up windows (only remote administration)
> * Low CPU overhead (Able to cope with up to 80 MBps on a dual PIV)
> * ...
>
> I've already considered or tried and then rejected :
> * Kerio 2.1.5 (some BSOD)
> * 8 signs (too much CPU overhead, some BSOD)
> * ZA (not really usable on a server)
> * Kerio 4 (does not run on server OSes)
> * Checkpoint Firewall 1 (too many features, too expensive)
>
>
> Regards,
>
> JPI
>
>
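The rule layout described in the reply above (a mirrored "block all", a permit for the LAN subnet, then one permit per exception), modelled as an added Python example that is not part of the original post and not Microsoft's code. The specificity score is a simplified assumption, and the subnet, addresses and ports are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Filter:
    action: str                        # "permit" or "block" only, no negotiation
    remote: str = "0.0.0.0/0"          # peer network; local side is "my address"
    proto: Optional[str] = None        # None = any protocol
    local_port: Optional[int] = None   # one port only: no lists or ranges

    def matches(self, peer, proto, local_port):
        # Mirrored: one entry covers both directions, so only the peer
        # address, protocol and local port are compared.
        return (ipaddress.ip_address(peer) in ipaddress.ip_network(self.remote)
                and self.proto in (None, proto)
                and self.local_port in (None, local_port))

    def weight(self):
        # Simplified specificity score (assumption, not the driver's real
        # ordering): longer prefix first, then protocol, then port.
        return (ipaddress.ip_network(self.remote).prefixlen,
                self.proto is not None, self.local_port is not None)


def decide(policy, peer, proto, local_port):
    """Action of the most specific matching filter; list order is irrelevant."""
    hits = [f for f in policy if f.matches(peer, proto, local_port)]
    # Traffic that matches no filter is not handled by the policy at all.
    return max(hits, key=Filter.weight).action if hits else "permit"


def build_policy(lan="192.168.1.0/24", internet_tcp_ports=(80, 443)):
    # Constructed sample values: LAN subnet and the ports opened to the Internet.
    policy = [Filter("block"),                # "block all" mirrored rule
              Filter("permit", remote=lan)]   # permit everything on the LAN
    # One filter per exception, because a filter holds a single port.
    policy += [Filter("permit", proto="tcp", local_port=p)
               for p in internet_tcp_ports]
    return policy


if __name__ == "__main__":
    policy = build_policy()
    for peer, proto, port in [("192.168.1.20", "udp", 137),
                              ("203.0.113.9", "tcp", 443),
                              ("203.0.113.9", "tcp", 3389)]:
        print(peer, proto, port, "->", decide(policy, peer, proto, port))
```

Because the most specific match wins, a later `/32` block for a single LAN host overrides the subnet-wide permit without reordering anything.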