RE: Hardware Firewall recommendations

["Kola Salami" <it () hydrotrans org>]

Hello all,

Permit me to diverse a bit from this discussion. I have a question on LINUX
firewall; how secured is linux firewall (SUSE enterprise edition) if
deployed on companies central server workstation for a small medium Scale.

Thanks 

Kola Salami 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of TVB NOC
Sent: Friday, November 30, 2007 9:08 PM
To: Tremaine Lea; Chris [HORIZONsolutions]
Cc: security-basics () securityfocus com
Subject: RE: Hardware Firewall recommendations

I utilize the Checkpoint EDGE solution a lot for small companies, its
very easy to setup and configure, has easy management features and it's
user friendly. 

I have also used SonicWall, Juniper (NetScreen) and Cisco PIX (ASA), all
of which are sound solutions, however if you are not real familiar with
command line functions and if your client wants to have the ability to
configure certain things, I would venture to say that you may want to
leave the Cisco solution, possibly Juniper too, and stick with a GUI
based solution. 

In addition, if you need a DMZ option, unless things have changed Cisco
does not provide a dedicated DMZ port. 

Lastly, if you need a good purchase resource I have great contacts for
all those solutions...    

Hope this helps...
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Tremaine Lea
Sent: Friday, November 30, 2007 8:52 AM
To: Chris [HORIZONsolutions]
Cc: security-basics () securityfocus com
Subject: Re: Hardware Firewall recommendations

Any decent firewall/router should be capable of what you are  
requiring, from entry level cisco routers to Checkpoint to Juniper to  
Sonicwall to... the list is pretty long ;)

If the only requirement is being able to handle/configure two wan  
links and basic ACL's, you have a lot of options and can choose any  
relatively mainstream firewall and base your decision primarily on cost.

If there are other needs such as IDS/IPS, VPN support, QoS, vlan's  
etc, that will narrow the field a little bit.

Cheers,

---
Tremaine Lea
Network Security Consultant
Intrepid ACL
"Paranoia for hire"



On 30-Nov-07, at 4:22 AM, Chris [HORIZONsolutions] wrote:

> Hi,
>
> I'm investigating the purchase of a hardware firewall.  I'm hoping  
> people here could point me in the right direction, if not give  
> recommendations.
>
> I've got two separate connections, one to a individual server and  
> one to a small LAN of several servers. The need for the two separate  
> incoming pipes is because we're billed individually for the  
> bandwidth usage.  I would rather buy one box that can handle both of  
> these connections instead of two boxes, mainly to ease the  
> administration but this isn't essential.
> This should make sense, thanks,
>
> Chris -.