Re: any suggestion for a good hardware firewall
From: H Quester (H_Quester_at_lycos.com)
Date: 08/27/04
- Next message: OpenMacNews: "need help deciphering/preventing an iptables/ip_conntrack_tcp attack"
- Previous message: Duane Arnold: "Re: WG SOHO 6 and print server."
- In reply to:(deleted message) Leythos: "Re: any suggestion for a good hardware firewall"
- Next in thread: Leythos: "Re: any suggestion for a good hardware firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 27 Aug 2004 03:40:07 GMT
hi Leythos
thanks for the comments.
you understand the situation.. I do have the business plan from SBC. I
have had 4 or 5 computers on the public internet for quite some time.. It's
been convient for remote access, easy to setup and maintain, etc., but now
I'm getting concerned about security... Until now, I've just kept the
service packs up to date, etc..and haven't had many security problems..
however,, like I said. I'm getting concerned about security and would like a
hardware firewall..
I'm not clear on how to configurea firewall for this network situation.
If I had just one ip address, I could set up a router with NAT and have a
private network behind it with my private subnet..
however, I have 5 public ip addresses, SBC is doing the routing. I would
like some sort of a firewall between me and the internet. It doesn't seem
like this would be so difficult.. I'd think there would be some simple low
cost firewall under $100 to handle this.
I don't realy need a router, dhcp, or a vpn, . I just need something to open
and close ports to specific computers. it's hard to believe that they cost
so much.
would something like the netgear model FVS318 be able to do this?
http://www.netgear.com/products/details/FVS318.php?view=
h quester
---------
Why would you not - I have more than 5 on my home connection that runs
on RR Biz class. I have enough servers behind it that I use all 5 IP's
to map different projects and services from those 5 to different servers
in the home. If I could get 31 IP for my public side, at a reasonable
cost, I would take them in a heart-beat, but I use a WatchGuard Firebox
unit which supports any number of IP on the public side and multiple
subnets on each LAN/DMZ port.
If you only play around at home, most won't need 5 IP, but the chap said
he had 5 IP and is running web and SMTP - on that type of connection he
is most likely on a business plan since they block inbound HTTP in most
areas of the country for residential users. This means he most likely
has a need for 5 IP or he would have already used a simple NAT device to
share the connection.
-- Consoledate your web stuff on one server, possibly move the SMTP server to it, and then get a cheap router and assign everything to 1 public IP and route it through the NAT Forwarding. If you want something that can handle more than one public IP you won't be able to buy a cheap NAT device. If you want a firewall appliance that can filter http, smtp, etc... you are going to have to spend a few bucks (like more than $1,000). If you want a cheap firewall appliance (and I'm not talking a Router with NAT) then I would think (and I don't have one in mind) that something around $500 would also work. You've got me interested, now I need to find a cheap firewall appliance that supports 5+ IP on the WAN port and allows port/service mapping from multiple public IP to internal IP. -- spamfree999@rrohio.com (Remove 999 to reply to me)
- Next message: OpenMacNews: "need help deciphering/preventing an iptables/ip_conntrack_tcp attack"
- Previous message: Duane Arnold: "Re: WG SOHO 6 and print server."
- In reply to:(deleted message) Leythos: "Re: any suggestion for a good hardware firewall"
- Next in thread: Leythos: "Re: any suggestion for a good hardware firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
