Solved

New Firewall

Posted on 2004-08-13
14
249 Views
Last Modified: 2013-11-16
Hi,

I'm in the process of lining up a new firewall for our company.  Our company is around 25 people in size and we have 5 of our 12 servers which are published on the Internet.

What is a suitable well respected highly rated hardware firewall for a company of our size ?  I was looking at something like a Checkpoint small office FW.......

What kind of features should I be looking for, AV scanning, Intrusion detection, dynamic packet filtering ?
0
Comment
Question by:stevendunne
  • 6
  • 3
  • 3
  • +2
14 Comments
 

Author Comment

by:stevendunne
ID: 11791778
How do these two rate ?

McAfee Secure-1
Checkpoint Safe@Office
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11792382
I would go with a Cisco PIX 506e or pix 515e, you cannot go wrong with cisco technology. This baby is perfect for making vpn tunnels too.. Have a look at all the features. if you want more then 2 interfaces, I would go with the 515e, and add up other interface via a card.. so you can have your External/internal/Dmz/other interface on the firewall.

506e
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b13.html
515e
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b15.html
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11792425
Check point products are also excellent. you would go with the 225 Model? the only problem is that the # of possible remote vpn connection is kindda limited, while it'S unlimited with the cisco product (the 515e). It's the same for the pix 506e (25)
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:stevendunne
ID: 11792871
We would only need 5 - 10 VPN connections at max.

How about the McAfee secure-1 box ?  I like the idea that this includes AV scanning etc  Does the Cisco box provide this ?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11793330
I also like the PIX. I'm not sold on mulitpurpose boxes, but here is a good comparison and report card on multiple different all-in-ones
http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss446_art914,00.html



0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11793351
Hmm, I don't know, i wouldnt use mcafee to secure my network... I had problem with their software firewall messing up some of my client's computer.. Deal with a corporation that has exclusive expertise in security/firewalls.
0
 
LVL 4

Expert Comment

by:batmon34
ID: 11798065
Go with CheckPoint, Nokia CheckPoint (much easier to setup), Cisco PIX, NetScreen (ASIC based), or even MS-ISA 2004.  Cool thing about ISA is that it does FW now and also does application layer filtering which othe FW can't...

0
 

Author Comment

by:stevendunne
ID: 11839759
It looks as though I'll go for the Checkpoint safe@office 225 or 225u.  I'll also look at adding in the extra security subscriptions like AV scanning & content filtering.  Does anyone know if these are affective ?
0
 
LVL 2

Expert Comment

by:tonyhowarth
ID: 11846526
Don't the PIX 501, while it's the little baby compared to some of the others above, if your not running large pipes it just might fit your bill.

It has the same software on as the 506 and 515 and at a fraction of the price you can have a spare one sat next to the live for less than 1 506?

Tony
0
 

Author Comment

by:stevendunne
ID: 11900940
Any more news on the Checkpoint safe@office 225 or 225u, in terms of it capabilities of anti virus scanning with the extra subscriptions ?

Do anyone know how much memory the safe@office units have ?
0
 

Author Comment

by:stevendunne
ID: 11971319
Help ?
0
 
LVL 4

Expert Comment

by:batmon34
ID: 11974944
I use Nokia CheckPoint with AI and Smart Defense.  Tell you to true, If you wanna take care your antiruses or content filterings, you should use another box to do it.  How much they quoted you for the subscriptions?  Symantec anti-virus does a better job.  You can get Symantec Enterprise and it will take care your Exchange server, SMTP gateway, desktop PC, servers, etc...  just compare the price and it how it goes.
0
 

Author Comment

by:stevendunne
ID: 11988876
How about the Sonicwall TZ170 box ?
0
 
LVL 4

Accepted Solution

by:
batmon34 earned 300 total points
ID: 12001010
Sonic is using checkpoint too, isn't it?  If you want something small & cheap, take a look at NetScreen and compare a bit.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
info required for port scans 1 52
DHCP lease issue ? 8 95
Using Netsh to enable a firewall for a particular profile 6 99
Sonicwall tz215 internet speed slow  help 56 1,093
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question