EAL4 firewall choice

["Kevin Sheldrake" <kev () electriccat co uk>]

Hello

I have a requirement to install an EAL4 firewall in my very small office,
to replace my gentoo 2.6 iptables box.  I'm looking for advice and costs;
in this case cost efficiency is very important (it's my company), whereas
all my professional advice to customers generally has
security/usability/maintainability/support as the highest concern (initial
cost is not usually a driver for them).  Obviously, these things are still
important to me, just not as important as the bottom line.

The requirement is for a simple three/four card firewall, allowing me to
host a DMZ and up to two protected networks.  It wants to be stateful and
cope with slightly complex protocols, such as passive ftp.  I would like
to provide sshd on a non-standard port, forwarded to the DMZ for
processing.  All other connections are out-bound, which need to be limited
by port number.

So, with that in mind, I'm thinking Cisco PIX is an option.  I'm also very
partial to Cyberguard but believe they may be expensive.  I do not wish to
run Checkpoint.  What do people think of Borderware? or Sidewinder? or
Symantec?  See the full list here:
http://www.cesg.gov.uk/site/iacs/index.cfm?menuSelected=1&displayPage=151

Direct replies to me at the request of the moderator to keep  
vendor-specific recommendations / discussions on list to a minimum.  All  
help much appreciated.

Kev



--
Kevin Sheldrake MEng MIEE CEng CISSP
Electric Cat (Bournemouth) Ltd

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards