Re: firewall



I would not necessarily thing that having intrusion detection is such a big
thing in a small network. The security logs on the domain computers can be
monitored for unauthorized access attempts and strong passwords and other
best practice security procedures should be implemented, if not already, to
minimize risk of a compromise. The firewall logs can also be checked
periodically to see what is going on.

I would not worry too much about the whole stealth/closed issue as long as
unauthorized access is not possible on protected ports. More important to me
would be to have a firewall that can manage both inbound and outbound access
and being able to have a default block all for outbound access and then the
needed exceptions defined. I am not familiar with the yamaha RT57i. I have
read and heard some good things about the fairly affordable line of
firewalls from SonicWall such as the TZ170. These firewalls can also be
linked to subsciption based malware and content filtering services. ---
Steve

http://www.sonicwall.com/products/tz170.html --- TZ170
http://www.sonicwallsales.com/products.htm?category=tz_series&gclid=CPWz6Y_Y1YUCFRYESQodNw3cLQ

"mjn" <mjnorris@xxxxxxxxxxxxxxxxx> wrote in message
news:eAtnvg8kGHA.2280@xxxxxxxxxxxxxxxxxxxxxxx
Small company that runs a TS server, DB and Web server concurrent users
around 20. Looking for a FW software based solution for the entire
network. Only condition is must support VPN as there are several remote
office that also connect to the HQ.

Existing FW is HW based but does not support intrusion
detection/notification. Am thinking of keeping this piece of hardware as
it includes VOIP/VPN (yamaha RT57i).

But current problem is the company must have several ports open
(ftp,pop,smtp,db, and several others) In a port scan these are showed as
closed but not stealth thus am getting a little worried. Not sure if it
is my config or not but difficult to access due to language of UI.

Typical HW FW are very expensive and prob an overkill for these needs of
a small firm but also the needs are greater than having Zonealarm on
each PC.

Any suggestions or sites with good reviews for the small enterprise??

Thanks


.



Relevant Pages

  • Re: Unwanted "messenger" messages
    ... NO MATTER WHICH FIREWALL YOU CHOOSE... ... [Windows XP users can also consider using the ICF firewall that comes with ... INTRUSION DETECTION: ... real-time to your email or pager, a third network interface to create a DMZ, ...
    (microsoft.public.inetserver.iis.security)
  • Re: Recommendations for internet access logging/blocking on w2k system
    ... whether to use stateful firewall, or proxy server, or both ... intrusion detection such as www.snort.org ... real-time to your email or pager, a third network interface to create a DMZ, ... [Windows XP users can also consider using the ICF firewall that comes with ...
    (microsoft.public.win2000.security)
  • RE: can ping but not browse
    ... I have stopped the firewall. ... # are safed from all (security) hazards. ... firewall/bastion host to the internet ... # internet and to an internal network, ...
    (Fedora)
  • Re: Turn off all sharing and network discovery
    ... which is basically Windows XP running as a virtual ... It does need its own AV and firewall. ... unnecessary network resource sharing and resource discovery. ...
    (microsoft.public.windowsxp.general)
  • Re: Turn off all sharing and network discovery
    ... which is basically Windows XP running as a virtual ... It does need its own AV and firewall. ... unnecessary network resource sharing and resource discovery. ...
    (microsoft.public.windowsxp.general)