Educause Security Discussion mailing list archives

Re: Firewall recommendations

From: Charlie Prothero <Charlie.Prothero () KEYSTONE EDU>
Date: Mon, 3 Mar 2008 13:38:59 -0500

Keystone College is smaller than most of the other respondents, so our
solution might not scale very high.  However, we have had great success
with Microsoft ISA server for publishing our services out to the
Internet and Coyote Linux (free for EDU's at http://www.vortech.net
<http://www.vortech.net/> ) paired with a NetEqualizer
(http://www.netequalizer.com/) for NAT.  Our Coyote machine is just a
PIII, and it manages a 17 megabit Internet connection with ease. 

 

ISA can do VPN, and we do have some people using that, but our primary
provision for remote access is a couple of terminal servers published
through ISA.  It's easier to support terminal services than it is to
support VPN and, since terminal server user computers don't join the
network, we have less concern about their maintenance status than we
would with VPN connections.  If someone has specialty software on their
office computer that isn't on our terminal servers, then we set them up
with VPN.  

 

- Charlie

 

 

Charlie Prothero

CIO

 

Keystone College

One College Green * La Plume, PA 18440

570-945-8015

 

________________________________

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jeff Holden
Sent: Friday, February 29, 2008 4:41 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Firewall recommendations

 


We are looking at upgrading our campus's firewall.  We are currently
using a pair of end of life PIX 515s.  We have been looking at the Cisco
ASA and Juniper Netscreen products.  We are very early in our evaluation
and haven't talked with any venders yet.  We are wondering if any other
campus has been through this process recently and can offer any
suggestions.  We are looking at the bandwidth they can handle, price,
added features such as VPN, IDS/IPS functionality, likes and dislikes
and any other helpful advise.    Currently we are a mixed Cisco and HP
shop, but are open to any and all vendors solutions. 

Thanks,
Jeff Holden, CISSP, RHCE
Manager, Network & Data Security
Mt. San Antonio College
(909) 594-5611 X5017

Current thread:

Firewall recommendations Jeff Holden (Feb 29)
- <Possible follow-ups>
- Re: Firewall recommendations Brawner, David (Feb 29)
- Re: Firewall recommendations Bean, Mike (Feb 29)
- Re: Firewall recommendations Consolvo, Corbett D (Feb 29)
- Re: Firewall recommendations Jarrod Millman (Feb 29)
- Re: Firewall recommendations Constantakos, William (Mar 01)
- Re: Firewall recommendations Ramon Hermida (Mar 03)
- Re: Firewall recommendations Joey Rego (Mar 03)
- Re: Firewall recommendations Ramon Hermida (Mar 03)
- Re: Firewall recommendations Charlie Prothero (Mar 03)
- Re: Firewall recommendations Perry, Jeff (Mar 03)
- Re: Firewall recommendations Soliwoda, Andrzej (Mar 14)
- Re: Firewall recommendations Richard Kunert (Mar 18)
- Re: Firewall recommendations Jon Hanny (Mar 18)
- Re: Firewall recommendations Avdagic, Indir (Mar 18)