Re: Small Form Factor Firewall

<larstr@xxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
Will <westes-usc@xxxxxxxxxxxxxx> wrote:
: To a management station, I would expect no incoming connections, so I
: that policy enforced and reported.

Where are you planning on utilizing this? Internally or for SOHO users?

Corporate use internally, way behind the main firewall.

I believe most SOHO boxes doesn't currently support GigE. For small remote
offices I have utilized small firewall boxes from Sofaware
( If you're using Checkpoint firewalling you will
recognize these. Sofaware is a Checkpoint daufgter company.

You hit the nail on the head. 95% of the product on the market for cheap
firewalls is for home users who have slow WAN connections. There are lots
of small firewall applications on a corporate network where you want to do
something special purpose, with a server or group of servers, or a critical
management workstation. Sometimes you just don't have a clean way to
attach that to a main firewall segment and you have to put something with
the machine locally. As you point out, there isn't a whole lot of
product offering out there for a small intra-corporate firewall with gigE
interfaces on both sides of the firewall.

And to be honest with you, what I really need is something closer to an
ethernet bridge that does firewall-like packet inspection. It would be
awfully nice if for example I could use the corporate DHCP from behind the
small firewall I want to buy.

For internal networks you also have the options of Cisco NAC This
requires you to have Cisco switches etc and will handle gigabit load

Probably a major expense.

etc. If you're not using cisco you can get a product such as Trend

Other solutions that will give you such functionality on the Client is
Checkpoint Integrity
( or
( You can
also combine several of these and they can work together for optimal

Software firewalls are cheap but easily defeated by any sophisticated
rootkit trojan.



Relevant Pages

  • Re: 50+ unwanted messenger popups per day - worse than spam, help
    ... Messenger, in this case, is acting like a "canary". ... packets into your system. ... You can do this using a firewall. ... the firewall completely, disallowing all incoming connections. ...
  • Re: Apache Settings in Breezy
    ... > not allow any incoming connections, thus not really needing a firewall ... But as you locally already can access the apache server ... then remove the 'ServerName localhost' ...
  • Re: Stats comp.os.linux.networking (last 7 days)
    ... you have incoming connections via 2 ... For the incoming packets, have the firewalls re-write the packets so that ... firewall itself. ... If you use a Linux box for your firewall, ...
  • Re: Office apps taking a long time to close after 12.2.3
    ... with Office and the OS X Firewall? ... X asks if you want to Allow or Deny incoming connections to that app. ...
  • Re: Netscreen 25 Help
    ... I currently have a new Netscreen 25 firewall and I am having ... traffic from LAN to WAN and NAT/Portforwarding from WAN to LAN. ...