Solved

New Firewall

Posted on 2004-08-13
14
248 Views
Last Modified: 2013-11-16
Hi,

I'm in the process of lining up a new firewall for our company.  Our company is around 25 people in size and we have 5 of our 12 servers which are published on the Internet.

What is a suitable well respected highly rated hardware firewall for a company of our size ?  I was looking at something like a Checkpoint small office FW.......

What kind of features should I be looking for, AV scanning, Intrusion detection, dynamic packet filtering ?
0
Comment
Question by:stevendunne
  • 6
  • 3
  • 3
  • +2
14 Comments
 

Author Comment

by:stevendunne
ID: 11791778
How do these two rate ?

McAfee Secure-1
Checkpoint Safe@Office
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11792382
I would go with a Cisco PIX 506e or pix 515e, you cannot go wrong with cisco technology. This baby is perfect for making vpn tunnels too.. Have a look at all the features. if you want more then 2 interfaces, I would go with the 515e, and add up other interface via a card.. so you can have your External/internal/Dmz/other interface on the firewall.

506e
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b13.html
515e
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b15.html
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11792425
Check point products are also excellent. you would go with the 225 Model? the only problem is that the # of possible remote vpn connection is kindda limited, while it'S unlimited with the cisco product (the 515e). It's the same for the pix 506e (25)
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:stevendunne
ID: 11792871
We would only need 5 - 10 VPN connections at max.

How about the McAfee secure-1 box ?  I like the idea that this includes AV scanning etc  Does the Cisco box provide this ?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11793330
I also like the PIX. I'm not sold on mulitpurpose boxes, but here is a good comparison and report card on multiple different all-in-ones
http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss446_art914,00.html



0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11793351
Hmm, I don't know, i wouldnt use mcafee to secure my network... I had problem with their software firewall messing up some of my client's computer.. Deal with a corporation that has exclusive expertise in security/firewalls.
0
 
LVL 4

Expert Comment

by:batmon34
ID: 11798065
Go with CheckPoint, Nokia CheckPoint (much easier to setup), Cisco PIX, NetScreen (ASIC based), or even MS-ISA 2004.  Cool thing about ISA is that it does FW now and also does application layer filtering which othe FW can't...

0
 

Author Comment

by:stevendunne
ID: 11839759
It looks as though I'll go for the Checkpoint safe@office 225 or 225u.  I'll also look at adding in the extra security subscriptions like AV scanning & content filtering.  Does anyone know if these are affective ?
0
 
LVL 2

Expert Comment

by:tonyhowarth
ID: 11846526
Don't the PIX 501, while it's the little baby compared to some of the others above, if your not running large pipes it just might fit your bill.

It has the same software on as the 506 and 515 and at a fraction of the price you can have a spare one sat next to the live for less than 1 506?

Tony
0
 

Author Comment

by:stevendunne
ID: 11900940
Any more news on the Checkpoint safe@office 225 or 225u, in terms of it capabilities of anti virus scanning with the extra subscriptions ?

Do anyone know how much memory the safe@office units have ?
0
 

Author Comment

by:stevendunne
ID: 11971319
Help ?
0
 
LVL 4

Expert Comment

by:batmon34
ID: 11974944
I use Nokia CheckPoint with AI and Smart Defense.  Tell you to true, If you wanna take care your antiruses or content filterings, you should use another box to do it.  How much they quoted you for the subscriptions?  Symantec anti-virus does a better job.  You can get Symantec Enterprise and it will take care your Exchange server, SMTP gateway, desktop PC, servers, etc...  just compare the price and it how it goes.
0
 

Author Comment

by:stevendunne
ID: 11988876
How about the Sonicwall TZ170 box ?
0
 
LVL 4

Accepted Solution

by:
batmon34 earned 300 total points
ID: 12001010
Sonic is using checkpoint too, isn't it?  If you want something small & cheap, take a look at NetScreen and compare a bit.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question