Security Basics mailing list archives
Re: Firewall recommendations?
From: "David M. Fetter" <david.fetter () fetterconsulting com>
Date: Fri, 07 Mar 2003 16:02:09 -0800
I think you're on the right track when looking at ipchains (which actually has been replaced by iptables/netfilter). You can use freeswan as an add-on to the linux based firewall which will give you vpn support. Also, there is support under linux for pptp and l2tp with some features turned on. If you don't want to go through manually configuring iptables you could always use fwbuilder which is a nice gui interface and can basically provide you with a script for use on your linux firewall. The outcome here is that you would have a good firewall solution at a low cost.
rdusek () myway com wrote:
I am in charge of researching a firewall to replace what we currently have. At my previous job I had used Microsoft ISA in a low-security environment, and was happy with its features, and its integration with the Windows environment there. However, at my current job, security is a much greater concern, and I have to admit, I am somewhat uneasy running a Microsoft firewall product on top of a Microsoft OS. We also had investigated Checkpoint as well as Cisco Pix, and found that for our needs, the Pix at least seemed to need _many_ separate components for the same functionality. My question is what are your experiences with using ISA from a security standpoint? Usability issues? From the Mac end? Or would we be better off pursuing the Checkpoint or the Pix solution? We also plan on implementing VPN over whatever we choose, so if you recommend something other than these, it should support at least PPTP and perhaps eventually IPSec/L2TP. We have also considered placing ISA behind a Linux (or BSD) IP Chains firewall and our perimeter network to block some of the traffic from getting to ISA. Any comments here? Thanks to everybody in advance!
-- David M. Fetter - http://www.fetterconsulting.com/"The world is full of power and energy and a person can go far by just skimming off a tiny bit of it." Neal Stephenson - Snow Crash
Current thread:
- Firewall recommendations? rdusek (Mar 07)
- AW: Firewall recommendations? Thorsten Dampf -- 7stein.net (Mar 07)
- Re: Firewall recommendations? David M. Fetter (Mar 08)
- Re: Firewall recommendations? Chris Travers (Mar 10)
- Re: Firewall recommendations? Bryan S. Sampsel (Mar 11)
- <Possible follow-ups>
- RE: Firewall recommendations? David Ellis (Mar 08)
- Re: Firewall recommendations? Ivan Coric (Mar 08)
- RE: Firewall recommendations? Mark Kelsay (Mar 08)
- RE: Firewall recommendations? John Tolmachoff (Mar 11)
- RE: Firewall recommendations? Jacob (Mar 12)
- RE: Firewall recommendations? John Tolmachoff (Mar 13)
- RE: Firewall recommendations? Jeremy Stinson (Mar 13)
- RE: Firewall recommendations? David Gillett (Mar 17)
- RE: Firewall recommendations? John Tolmachoff (Mar 11)