Solved

Confused on DSL Router Firewall? - what to buy?

Posted on 2003-11-26
2
374 Views
Last Modified: 2010-04-17
I have a small network with several servers.  I have a single DSL connection with a Linksys DSL Router BEFSR41 which shares the DSL connection with everyone (20) on my network.  Not very expensive and works fine.  This DSL router 192.168.0.1. is the gateway for the network.

I am not real sure on this, I only know what works, but I understand that these Routers are not real firewalls.  The only feature I currently use on the router is port forwarding.  Example map port 7080 to port 7080 but to computer 192.168.0.7 my webserver.  I can only map ten ports to ports on other computers which I am using for SMTP, FTP, VNC, OWA etc.

Can you recommend an inexpensive firewall, (under $100?) that would let me have some more control.   Or should I abandon the DSL router and run everything through Windows 2000 server?

Kind of scary thought since the hardware gateway works pretty well... TIA-TOMG

0
Comment
Question by:Tgilbert
2 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 100 total points
ID: 9825670
What really scares me is that you would even THINK of using Windows server as your network protection/firewall. IMHO no firewall will ever be secure if it rides on top of buggy/patch ridden Windows.

If your budget is only $100, stay with what you have. Even your Linksys provides SPI (Stateful Packet Inspection), and can enforce AntiVirus if you want.

If you can possibly afford it, look closely at the Cisco PIX 501. It was designed ground-up to be a firewall for small offices and has all the features of it's big brother enterprise PIX's.
You can setup and use VPN to access internal servers very easily. This will reduce your dependence on port-forwarding.

Here are some good references for other products:

Hardware appliance firewalls:
Ciso PIX (Hands-down my favorite)
http://www.cisco.com/go/pix
Netscreen:
http://www.netscreen.com/products/firewall/index.jsp
Watchguard:
http://guide.gowatchguard.com/?keyword=firewallappliance
Sonicwall:
http://www.sonicwall.com/
Symantec:
http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=63

Small office/home office - SOHO
http://www.linksys.com/products/product.asp?grid=23&prid=433
http://www.dlink.com.au/products/routers/dfl500/

You can always go with software host-based firewalls on top of your existing Linksys

Free/low cost software firewalls
Zone Alarm:
http://www.zonelabs.com
Kerio is good:
http://www.kerio.com/us/kpf_home.html
Panda Software has an Antivirus with built in firewall:
http://www.pandasoftware.com/
BlackIce Defender
http://blackice.iss.net/product_pc_protection.php
Tiny Personal Firewall:
http://www.tinysoftware.com/home/tiny2?la=EN


And, of course, your Linux firewalls:
http://www.chicagotribune.com/technology/chi-020124linux.story?coll=chi%2Dtechnology%2Dhed
FloppyFW -- http://www.zelow.no/floppyfw
Linux Router Project -- http://www.linuxrouter.org
FirePlug -- http://edge.fireplug.net
Coyote Linux -- http://www.coyotelinux.com


0
 

Expert Comment

by:tbeasley123
ID: 9827497
I can recommend the Watchguard SOHO as a good option for you.  I wouldn't recommend going with a software based firewall.  Also, be careful with the BEF SR41.  I have worked with two of these both of which started having intermittent problems after about 2 years.  The Watchguard units also have some nice VPN options that you may be able to use.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setup router as access point - no internet 5 66
Systems talking to each other 5 130
how to access my server 9 48
BGP routing on Windows 2016 7 53
It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question