Firewall Wizards mailing list archives

ethernet-to-ethernet router: a piece of the puzzle

From: "Irwin R. Naumann" <irwin () thinkage ca>
Date: Wed, 13 Dec 2000 15:39:43 -0500 (EST)

What would you recommend as an ethernet-to-ethernet "router" situated between
a 10Mb fibre link WAN and an ethernet LAN?

This would be the first piece of an in-depth security defense.

Requirements:
o ingress/egress filtering for RFC1918 addresses, spoofed addresses, reserved
  network addresses, NETBIOS, other specific ports
o FTP traffic from web/ftp server (5-10 MB per download)
o routing minimum 2 Class C network equivalents
o VPN for 5-10 users
o DMZ

There will a Stateful Packet Filter firewall sitting between the "router"
and the LAN.

Would you recommend a hardware only solution?

What size CPU and memory would adequately handle a *BSD solution running ipfilter
with 2 or 3 NIC's?

I have begun to look at the Gnatbox, Netopia 9100R, Cayman Router, 
Cisco 1600 Series, SonicWall Pro, Multicom Ethernet II, WebRamp 700.

Experiences with any of the above appreciated.

Does anyone in *North America* have experience with Lightning's Multicom
Ethernet II router?

Thanks,

   Irwin

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

ethernet-to-ethernet router: a piece of the puzzle Irwin R. Naumann (Dec 14)
- Re: ethernet-to-ethernet router: a piece of the puzzle Patrick Darden (Dec 15)
  - RE: ethernet-to-ethernet router: a piece of the puzzle Todd Schroeder (Dec 20)
    - RE: ethernet-to-ethernet router: a piece of the puzzle Michael Nelson (Dec 24)
- Re: ethernet-to-ethernet router: a piece of the puzzle Tom Kistner (Dec 15)