Solved

Confused on DSL Router Firewall? - what to buy?

Posted on 2003-11-26
2
381 Views
Last Modified: 2010-04-17
I have a small network with several servers.  I have a single DSL connection with a Linksys DSL Router BEFSR41 which shares the DSL connection with everyone (20) on my network.  Not very expensive and works fine.  This DSL router 192.168.0.1. is the gateway for the network.

I am not real sure on this, I only know what works, but I understand that these Routers are not real firewalls.  The only feature I currently use on the router is port forwarding.  Example map port 7080 to port 7080 but to computer 192.168.0.7 my webserver.  I can only map ten ports to ports on other computers which I am using for SMTP, FTP, VNC, OWA etc.

Can you recommend an inexpensive firewall, (under $100?) that would let me have some more control.   Or should I abandon the DSL router and run everything through Windows 2000 server?

Kind of scary thought since the hardware gateway works pretty well... TIA-TOMG

0
Comment
Question by:Tgilbert
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 100 total points
ID: 9825670
What really scares me is that you would even THINK of using Windows server as your network protection/firewall. IMHO no firewall will ever be secure if it rides on top of buggy/patch ridden Windows.

If your budget is only $100, stay with what you have. Even your Linksys provides SPI (Stateful Packet Inspection), and can enforce AntiVirus if you want.

If you can possibly afford it, look closely at the Cisco PIX 501. It was designed ground-up to be a firewall for small offices and has all the features of it's big brother enterprise PIX's.
You can setup and use VPN to access internal servers very easily. This will reduce your dependence on port-forwarding.

Here are some good references for other products:

Hardware appliance firewalls:
Ciso PIX (Hands-down my favorite)
http://www.cisco.com/go/pix
Netscreen:
http://www.netscreen.com/products/firewall/index.jsp
Watchguard:
http://guide.gowatchguard.com/?keyword=firewallappliance
Sonicwall:
http://www.sonicwall.com/
Symantec:
http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=63

Small office/home office - SOHO
http://www.linksys.com/products/product.asp?grid=23&prid=433
http://www.dlink.com.au/products/routers/dfl500/

You can always go with software host-based firewalls on top of your existing Linksys

Free/low cost software firewalls
Zone Alarm:
http://www.zonelabs.com
Kerio is good:
http://www.kerio.com/us/kpf_home.html
Panda Software has an Antivirus with built in firewall:
http://www.pandasoftware.com/
BlackIce Defender
http://blackice.iss.net/product_pc_protection.php
Tiny Personal Firewall:
http://www.tinysoftware.com/home/tiny2?la=EN


And, of course, your Linux firewalls:
http://www.chicagotribune.com/technology/chi-020124linux.story?coll=chi%2Dtechnology%2Dhed
FloppyFW -- http://www.zelow.no/floppyfw
Linux Router Project -- http://www.linuxrouter.org
FirePlug -- http://edge.fireplug.net
Coyote Linux -- http://www.coyotelinux.com


0
 

Expert Comment

by:tbeasley123
ID: 9827497
I can recommend the Watchguard SOHO as a good option for you.  I wouldn't recommend going with a software based firewall.  Also, be careful with the BEF SR41.  I have worked with two of these both of which started having intermittent problems after about 2 years.  The Watchguard units also have some nice VPN options that you may be able to use.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question