Re: Is Netgear FVS318 a "true" firewall?

From: Duane Arnold (notme_at_notme.com)
Date: 06/21/05 

Date: Mon, 20 Jun 2005 23:05:23 GMT

"Eugene F." <pm771.am@gmail.com> wrote in news:1119306325.139265.159530
@g47g2000cwa.googlegroups.com:

> I'm just a beginner in computer security in general and firewalls in
> particular (though I've spent quite a few years in IT in application
> development).

Me too and I am still a developer. The link should help you. I am still
learning too.

http://www.more.net/technical/netserv/tcpip/firewalls/

>
> Netgear FVS318 is described as "True Firewall using Stateful Packet
> Inspection (SPI) and Intrusion Detection features, Denial of Service
> (DoS) attack protection, and VPN pass-through for extra security."

A piece of hardware running NAT and SPI and some other FW like features
doesn't make it a FW appliance. It's a simple NAT router. VPN is not FW
software; it's an encryption protocol and rides on the TCP protocol that
needs two valid end points hardware to hardware end points -- router to
router in this case.

http://www.homenethelp.com/web/explain/about-NAT.asp

D-link, Linksys, Netgear, Belkin.

IDS are not FW software either but similiar.

http://online.securityfocus.com/infocus/1663

An appliance running true FW software will meet the specs for *what does
a FW do".

http://www.vicomsoft.com/knowledge/reference/firewalls1.html

WhatchGuard, Cisco, Netscreen, SnapGear.
>
> Will it (on its own) provide an adequate protection for a small office
> with a shared Internet access? Does it need to be complimented by
> anything else on the hardware side?

I should do the job as along as you don't do high risk things like port
forwarding.

>
> If user workstations run up-to-date anti-virus and anti-spyware
> software, is any other client side monitoring required?

No not really.

What you really need is a Wallwatcher so you can review the router's logs
with it and review the logs for inbound and outbound connections for
dubious connections to possible remote IP(s).

http://www.sonic.net/wallwatcher/#Routers

A FW low-end FW appliance cost a few dollars more the Netgear.

Duane :)

Relevant Pages

  • Re: Best router solution
    ... Or an Excellent router. ... > I WAS talking about router hardware and not workstation. ... This is the same as lamenting that I'm not specifying why eg cisco ... >> reliability as some more usually used routing hardware. ...
    (comp.unix.bsd.openbsd.misc)
  • RE: [Full-Disclosure] Microsoft urging users to buy Harware Firewalls
    ... connections between multiple computers. ... A Linksys NAT router box is selling for only $40 at Amazon ... Besides protecting against the MSBlaster worm, a hardware ... Then the user finds about port forwarding, and as soon as the user ...
    (Full-Disclosure)
  • Re: firewall opinions
    ... ideal router configuration. ... the purpose of LeakTest is Not to test various ports (e.g. ... least the user had a chance to stop it, which a hardware router would ... >>configure the firewall to stop every conceivable ...
    (microsoft.public.windowsxp.general)
  • Re: [Full-Disclosure] Microsoft urging users to buy Harware Firewalls
    ... > I agree with Microsoft's recommendation for a hardware firewall on all ... Besides protecting against the MSBlaster worm, a hardware ... Then the user finds about port forwarding, and as soon as the user has ... at the router and cannot get to the computers in the local network. ...
    (Full-Disclosure)
  • Re: searching for hardware firewall with web history
    ... it is marketed as an appliance... ... >hardware in it and the OS is some sort of BSD derivate. ... >> indicate that Astaro is a software firewall. ... Wrong, marketing speech and technical ...
    (comp.security.firewalls)
Loading