Security Basics mailing list archives

RE: Hardware Firewall recommendations

From: "Kevin Ortloff" <Kevin.Ortloff () j2global com>
Date: Tue, 4 Dec 2007 09:01:51 -0800

I only work with enterprise level devices, but recently I came across a
Fortigate Firewall from a friends small business.  I looked at the GUI
and it was pretty simple. Along with being a firewall, it also had IPS
features and 8 ports to do with whatever you wanted, in/out/dmz, etc...
I'm not sure if it did VLAN'ing, but I wouldn't doubt it. Not a bad
small / medium business device. Worth a look for sure.

http://www.fortinet.com/products/fortigate_overview.html




-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Kola Salami
Sent: Monday, December 03, 2007 11:26 PM
To: 'TVB NOC'; 'Tremaine Lea'; 'Chris [HORIZONsolutions]'
Cc: security-basics () securityfocus com
Subject: RE: Hardware Firewall recommendations

Hello all,

Permit me to diverse a bit from this discussion. I have a question on
LINUX firewall; how secured is linux firewall (SUSE enterprise edition)
if deployed on companies central server workstation for a small medium
Scale.

Thanks 

Kola Salami 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of TVB NOC
Sent: Friday, November 30, 2007 9:08 PM
To: Tremaine Lea; Chris [HORIZONsolutions]
Cc: security-basics () securityfocus com
Subject: RE: Hardware Firewall recommendations

I utilize the Checkpoint EDGE solution a lot for small companies, its
very easy to setup and configure, has easy management features and it's
user friendly. 

I have also used SonicWall, Juniper (NetScreen) and Cisco PIX (ASA), all
of which are sound solutions, however if you are not real familiar with
command line functions and if your client wants to have the ability to
configure certain things, I would venture to say that you may want to
leave the Cisco solution, possibly Juniper too, and stick with a GUI
based solution. 

In addition, if you need a DMZ option, unless things have changed Cisco
does not provide a dedicated DMZ port. 

Lastly, if you need a good purchase resource I have great contacts for
all those solutions...    

Hope this helps...
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Tremaine Lea
Sent: Friday, November 30, 2007 8:52 AM
To: Chris [HORIZONsolutions]
Cc: security-basics () securityfocus com
Subject: Re: Hardware Firewall recommendations

Any decent firewall/router should be capable of what you are requiring,
from entry level cisco routers to Checkpoint to Juniper to Sonicwall
to... the list is pretty long ;)

If the only requirement is being able to handle/configure two wan links
and basic ACL's, you have a lot of options and can choose any relatively
mainstream firewall and base your decision primarily on cost.

If there are other needs such as IDS/IPS, VPN support, QoS, vlan's etc,
that will narrow the field a little bit.

Cheers,

---
Tremaine Lea
Network Security Consultant
Intrepid ACL
"Paranoia for hire"



On 30-Nov-07, at 4:22 AM, Chris [HORIZONsolutions] wrote:

Hi,

I'm investigating the purchase of a hardware firewall.  I'm hoping 
people here could point me in the right direction, if not give 
recommendations.

I've got two separate connections, one to a individual server and one 
to a small LAN of several servers. The need for the two separate 
incoming pipes is because we're billed individually for the bandwidth 
usage.  I would rather buy one box that can handle both of these 
connections instead of two boxes, mainly to ease the administration 
but this isn't essential.
This should make sense, thanks,

Chris -.







This email, its contents and attachments contain information from j2 Global Communications, Inc. and/or its affiliates 
which may be privileged, confidential or otherwise protected from disclosure. The information is intended to be for the 
addressee(s) only.  If you are not an addressee, any disclosure, copy, distribution, or use of the contents of this 
message is prohibited.  If you have received this email in error please notify the sender by reply e-mail and delete 
the original message and any copies.

Current thread:

RE: Hardware Firewall recommendations TVB NOC (Dec 01)
- RE: Hardware Firewall recommendations Kola Salami (Dec 04)
  - RE: Hardware Firewall recommendations Kevin Ortloff (Dec 04)
  - Hardware Firewall recommendations (with content filters Scott Warren (Dec 04)
    - RE: Hardware Firewall recommendations (with content filters Yahsodhan Deshpande (Dec 04)
    - Re: Hardware Firewall recommendations (with content filters Bryan S. Sampsel (Dec 04)
  - RE: Hardware Firewall recommendations Bryan S. Sampsel (Dec 04)
    - Re: Hardware Firewall recommendations Chad Perrin (Dec 04)
- <Possible follow-ups>
- Re: Hardware Firewall recommendations Kelly Keeton (Dec 01)
- Re: Hardware Firewall recommendations Chris [HORIZONsolutions] (Dec 04)