Re: Small Form Factor Firewall



<larstr@xxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:efk3j9$qva$1@xxxxxxxxxxxxxxxxxxxxx
Will <westes-usc@xxxxxxxxxxxxxx> wrote:
: To a management station, I would expect no incoming connections, so I want
: that policy enforced and reported.

Where are you planning on utilizing this? Internally or for SOHO users?

Corporate use internally, way behind the main firewall.


I believe most SOHO boxes don't currently support GigE. For small remote
offices I have utilized small firewall boxes from Sofaware
(www.sofaware.com). If you're using Checkpoint firewalling you will
recognize these. Sofaware is a Checkpoint daughter company.

You hit the nail on the head. 95% of the product on the market for cheap
firewalls is for home users who have slow WAN connections. There are lots
of small firewall applications on a corporate network where you want to do
something special purpose, with a server or group of servers, or a critical
management workstation. Sometimes you just don't have a clean way to
attach that to a main firewall segment and you have to put something with
the machine locally. As you point out, there isn't a whole lot of
product offering out there for a small intra-corporate firewall with gigE
interfaces on both sides of the firewall.

And to be honest with you, what I really need is something closer to an
ethernet bridge that does firewall-like packet inspection. It would be
awfully nice if for example I could use the corporate DHCP from behind the
small firewall I want to buy.


For internal networks you also have the option of Cisco NAC. This
requires you to have Cisco switches etc and will handle gigabit load

Probably a major expense.


etc. If you're not using Cisco you can get a product such as Trend
Viruswall
(http://www.trendmicro.com/en/products/network/nvw1200/evaluate/overview.htm).
Other solutions that will give you such functionality on the client are
Checkpoint Integrity
(http://www.checkpoint.com/products/downloads/integrity_datasheet.pdf) or
MS NAP
(http://www.microsoft.com/technet/itsolutions/network/nap/). You can
also combine several of these and they can work together for optimal
protection.

Software firewalls are cheap but easily defeated by any sophisticated
rootkit trojan.

--
Will

