Security Basics mailing list archives
Re: What firewall for small medical research lab
From: <kedearian.secuirty () gmail com>
Date: Fri, 28 Apr 2006 11:50:14 -0700
also check out ipcop, its a free linux distro, you can put in ids, block ports, as well as a ton of add-ins, all very user friendly, you can administrate the whole thing from a gui webpage akin to the linksys, with a ton of options.
Good luck----- Original Message ----- From: "Michael Shum" <shummichael () gmail com>
To: "Chris Moody" <cmoody () qualcomm com>Cc: <rmillisl () millis-it com>; <firewalls () securityfocus com>; <security-basics () securityfocus com>
Sent: Thursday, April 27, 2006 8:18 PM Subject: Re: What firewall for small medical research lab Sonicwall is pretty good and cheap...I had setup many of these over linksys...it's a step up from Linksys. On 4/27/06, Chris Moody <cmoody () qualcomm com> wrote:
Smoothwall. It's a linux based iptables firewall. You can literally have it installed and setup in less than 30 minutes (I've done it). VERY user friendly. Costs -$0-. HIGHLY extensible. I actually ran a hosting business behind one for the last several years. Cheers, -Chris rmillisl () millis-it com wrote: > I have been asked to research what good, low cost, firewall solutions > might prove suitable for a medical research lab at a local University to > protect confidential patient data from outsiders. > > In addition to other research I though I would ask here. >> I realize a firewall is just one component of an overall security policy > /> implementation. > > Basically what is needed is a simple NAT box that generally keeps > outsiders out, and allows authorized lab servers and workstations to> access certain services out on the main building network (DNS, IMAP, > POP,> SMTP, HTTP, HTTPS, FTP, SSH) and through that network to the Internet > (through the main building campus/network). > > Cost is a very important factor so suggested solutions have been: > > - Pay someone to set up a PC based firewall running on surplus hardware > using either Fedora Core 5 and Shorewall 3.0.6 (to allow easy> configuration of iptables rules). The hardware and software cost are > low.> The time could add up. I have considerable experience with this so this > would be the lowest learning curve. Problem is Fedora with its frequent > updates may make managing this more of a chore. >> - Pay someone to set up a a PC based firewall running on surplus > hardware > using either OpenBSD 3.7 or 3.8 and pf. The hardware and software cost > are> low. The time could add up. I have some OpenBSD experience and no pf > background. > > - Pay someone to set up a a Linksys or D-Link broadband > switch/firewall/router. The hardware cost is low. The time to set up may > be minimal (Plug&Play + some common sense and provided firewall/filter > capabilities). Are these a serious and secure enough solution? > > - Some other low cost hardware or software based alternative. What else > might be out there that I don't know about that might be comparable in > cost to the D-Link or Linksys options. > > The PC based solutions I personally have the most confidence in with> respect to hand crafting a minimal OS build and hardening and patching > the > OS and doing rules mostly by hand. With pf there is some concern of > errors> introduced due to learning curve. > > Comments? Suggestions? > >
------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php -------------------------------------------------------------------------- ------------------------------------------------------------------------- This List Sponsored by: WebrootDon't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- Re: What firewall for small medical research lab, (continued)
- Re: What firewall for small medical research lab Rajeev Kumar (May 01)
- RE: What firewall for small medical research lab Bryan S. Sampsel (May 01)
- Re: What firewall for small medical research lab Bob Radvanovsky (May 01)
- RE: What firewall for small medical research lab adnan () techiesonly com (May 01)
- RE: What firewall for small medical research lab Arturas Zalenekas (May 01)
- RE: What firewall for small medical research lab Justin Shore (May 01)
- RE: What firewall for small medical research lab Beauford, Jason (May 01)
- Re: What firewall for small medical research lab Jeff Davis (May 01)
- Re: RE: What firewall for small medical research lab rsingh36 (May 01)
- Re: RE: What firewall for small medical research lab Arunodhay Koul (May 02)
- Re: What firewall for small medical research lab kedearian.secuirty (May 01)
- RE: What firewall for small medical research lab Smith, Brad (May 01)
- Re: What firewall for small medical research lab Smith (May 01)
- Re: What firewall for small medical research lab Arturas Zalenekas (May 01)
- Re: What firewall for small medical research lab chris (May 01)
- Re: Re: What firewall for small medical research lab gun_mortimer (May 02)
- RE: What firewall for small medical research lab Steve Armstrong (May 02)
- RE: What firewall for small medical research lab Dahate, Pramod (May 02)
- RE: What firewall for small medical research lab Joseph (Joe) Lynn (May 02)
- RE: What firewall for small medical research lab Beauford, Jason (May 02)
- Re: What firewall for small medical research lab David M. Zendzian (May 03)
(Thread continues...)