Link to home
Start Free TrialLog in
Avatar of prashmit
prashmit

asked on

Selection of Firewall and IDS

We are going for a 30 sites networking with our head office via some ISP's VPN. Can all experts pls suggest me what firewall and IDS should I use to protect my network to maximum extent. We have Windows 2000 advanced server with Exchange 2000 as mail server. We will expose our server for ERP and mail access to all our sites as well as for external internet users. (To note we are taking a leased connectivity with ISP for internet exposure). We will be using 3600 series CISCO routers at central location.
ASKER CERTIFIED SOLUTION
Avatar of chaddupuis
chaddupuis
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of SunBow
SunBow
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Dave Howe
Dave Howe
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of chris_calabrese
chris_calabrese
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of prashmit
prashmit

ASKER

Thanks to all. Let me go through. Will come back very soon.
Avatar of prashmit
prashmit

ASKER

Can all please tell me what features of firewall and IDS should we consider for evaluation.
Like firewall should have deny all port and allow few capability,, etc.
SOLUTION
Avatar of Darq_Messiah
Darq_Messiah
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of chaddupuis
chaddupuis
So far the Sonicwall Global Management System is the easiest I have seen to configure. The Pro 330 devices support 128,000 simultaneous connections 1000 VPN tunnels. Firewall throughput is 190Mbps and VPN throughput is 45Mbps. They have higher-end products that support up to 10,000 VPN tunnels and 500,000 Simultaneous connections, but they are very pricy and most people do not require that many.
SOLUTION
Avatar of AndyHolliday
AndyHolliday
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of chaddupuis
chaddupuis
You could also try Snort 2.0 as it is free and very effective.
Avatar of chaddupuis
chaddupuis
Please remember to be realistic here,  prashmit is only connecting 30 sites.
Avatar of Dave Howe
Dave Howe
Flag of United Kingdom of Great Britain and Northern Ireland image
As a rule of thumb - check out what the free linux firewall and vpn solutions (IPTables and Freeswan) provide - if the commercial packages you look at don't give you at LEAST that, then they are a waste of money.
Avatar of prashmit
prashmit

ASKER

I will get back to u all very soon. Thanks to all for help and co-operation.
Avatar of chris_calabrese
chris_calabrese
Split between all posters.
Avatar of Darq_Messiah
Darq_Messiah
Yep, good suggestion.