Re: Help! Can I do this for under $400?

From: Nigel Wade (nmw_at_ion.le.ac.uk)
Date: 09/10/04


Date: Fri, 10 Sep 2004 11:28:34 +0100

On Fri, 10 Sep 2004 03:16:18 +0000, Jack Dimple wrote:

>
> Dear Void:
>
> The simple but very legitimate response to your question is the non-
> profit organization does not have the computer budget for more. While it
> is true that $400 is small change for Corporate 500 or even Corporate
> 5000 firms, it is not a small investment to little organizations or
> mom&pop stores.
>
> It may be there is a big customer gap which no company is willing to fill
> for now. There are ultra-low end $50 appliances like Linksys/Netgear and
> then there are big irons like your Firebox at over $1500.
>
> I don't know but at the rate of non-responses to my inquiry, I suspect
> that you are maybe right that $400 will not be enough to get the
> organization what it needs. And that's a shame.
>
> JD
>

A basic PC running Linux and an IPtables firewall can provide the security
you need at the price level you want to pay.

However, what you save in money you have to pay for in increased
complexity, and the investment of time in learning how to administer
securely the Linux box, and how to set up and maintain the firewall rules.
You won't get something for nothing.

From what I see of SmoothWall it should do what you require. "Address
filtering" can be achieved in the normal rules. There is a field for
"External IP or network" where you enter which source addresses are
allowed to connect to the given destination IP/port.

For ports 80/443 you would leave the "External IP" field blank to allow
all incoming requests. For other ports you would need one rule for each
external IP/subnet for each of the 3 servers to allow external staff to
get in.

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
            University of Leicester, Leicester, LE1 7RH, UK 
E-mail :    nmw@ion.le.ac.uk 
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555
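
The rule layout described in the reply above, written out as plain iptables commands; this is an added example, not part of the original post and not SmoothWall's own configuration. The server addresses, staff source addresses and the staff-only port (22) are constructed assumptions, and the audit function flags the mistake of leaving the source blank on a port that is not 80/443.

```sh
#!/bin/sh
# Added example. Every address below is a constructed placeholder.
SERVERS="10.0.0.11 10.0.0.12 10.0.0.13"       # the 3 internal servers (assumed)
STAFF_SOURCES="198.51.100.0/24 203.0.113.7"   # external staff subnet/IP (assumed)
PUBLIC_PORTS="80 443"                         # no source restriction
STAFF_PORTS="22"                              # assumption: the post names no other ports

# Print the iptables commands for review; nothing is applied to the running system.
gen_rules() {
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for srv in $SERVERS; do
        for port in $PUBLIC_PORTS; do
            echo "iptables -A FORWARD -p tcp -d $srv --dport $port -m conntrack --ctstate NEW -j ACCEPT"
        done
        # One rule per external source, per server, per restricted port.
        for src in $STAFF_SOURCES; do
            for port in $STAFF_PORTS; do
                echo "iptables -A FORWARD -p tcp -s $src -d $srv --dport $port -m conntrack --ctstate NEW -j ACCEPT"
            done
        done
    done
}

# Read rules on stdin; print any ACCEPT rule for a non-public port that has
# no -s source restriction, and return non-zero if one is found.
audit_rules() {
    awk -v pub="$PUBLIC_PORTS" '
        BEGIN { n = split(pub, p, " "); for (i = 1; i <= n; i++) is_public[p[i]] = 1 }
        /-j ACCEPT/ && /--dport/ {
            port = ""; has_src = 0
            for (i = 1; i <= NF; i++) {
                if ($i == "--dport") port = $(i + 1)
                if ($i == "-s") has_src = 1
            }
            if (!(port in is_public) && !has_src) { print; bad = 1 }
        }
        END { exit bad + 0 }'
}

# Show the generated rules only if the audit finds nothing to flag.
gen_rules | audit_rules && gen_rules
```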

