Small Form Factor Firewall

Does anyone make a small form factor firewall that is manageable by a web
interface, with a rule based configuration similar in principle to
Checkpoint's, but is designed for individual computers or a very small
network? I'm interested in possibly putting a few of these in front of key
network management stations. Because of rootkit viruses, I no longer
believe that in what a software firewall's logs tell me. The rootkit can
simply hide network activity in the kernel and report back only what it
wants you to see. Because I would use these firewalls one per workstation,
I don't want to be spending $1K or $2K per box.

Some very desirable features:

1) A hard lockout on the firewall that would prevent any configuration
changes or administrative logins unless a button or knob were pressed.
Having a hard-wired read-only mode would prevent a trojan that sniffs your
keystrokes from doing much of use with the userid and password of the
external firewall.

2) Low cost, under $500/firewall.

3) GigE Support. These are being used on an internal network and I don't
want to sacrifice speed.

4) Support for mail alerts as well as alerting back to a GUI gadget on the
Windows desktop.

Are there any good options for this product?



Relevant Pages

  • Re: SBS R2 ISA2004 Dark Arts
    ... ISA in SBS as intended or you'll get into trouble. ... I have to get the back firewall configuration to work with the ... network in the rules/policies. ...
  • Re: wireless and router; security issue
    ... issues like yours (and allow configuration with AD group policy). ... and the filesharing service of my network connection. ... The firewall I have is McAfee firewall 7.x, ...
  • Re: SBS R2 ISA2004 Dark Arts
    ... Right now the front firewall is not an ISA ... NIC-2 faces the internal "Live" network. ... I have to get the back firewall configuration to work with the ...
  • Re: Why do I need a software firewall?
    ... I agree that spending time with host based configuration on every ... software firewall crashes, is diabled by nefarious software run on the ... first things the support technician has them do is disable any ... vulnerable to network based attacks. ...
  • Unexpected client authentication popup when using IE and Web Proxy
    ... Firewall is configured with an access rule that allows all outbound traffic ... from entire Internal Network to External Network for "All Users". ... one "Integrated Authentication" and the "Require all users to authenticate" ... configuration to use the web proxy. ...