IDS, Firewall

I have implement the linux router together with the internal firewall. currently my static ip is get thru my linux router first then i split the network to different area.

do i need IDS or firewall hardware?...may i know the brand of the model? which are easy for me to configure?
operation1612Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bigwave2Commented:
Have a look at http://www.ipcop.org

IPCop turns an old PC into a harware firewall and has built in IDS

You can also add on other functions such as web content filtering.
0
operation1612Author Commented:
any orther option?
0
Yan_westCommented:
An IDS is always something good to have. Here is a free one that is widely supported, and is working on all platform:

http://www.snort.org
0
Discover the Answer to Productive IT

Discover app within WatchGuard's Wi-Fi Cloud helps you optimize W-Fi user experience with the most complete set of visibility, troubleshooting, and network health features. Quickly pinpointing network problems will lead to more happy users and most importantly, productive IT.

Yan_westCommented:
Btw, I have a personnal preference toward Hardware firewall. I'm hooked on cisco products.. check out their PIX line of firewall..

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/

Has integrated VPN fontions too.. You can have clients or sites connect to your firewall if you need it..
0
rafael_accCommented:
isa server 2004 (www.isaserver.org).
0
netspec01Commented:
Recommendations:
PIX firewall - put your publicallly accessable hosts on a "DMZ" interface.  You will need a minimum of (3) interfaces (trusted, untrusted, DMZ).  PIX 515 is the minimum.

Intrusion Detection - Snort for no cost and there are lots and lots of additional supporting products

   - or -

Tipping Point - Intrusion Prevention; inline intrusion prevention system

Hope this helps you!
0
Yan_westCommented:
Net: Good recommendation :) lol
0
operation1612Author Commented:
thanks...is it PIX is a hardware or software? easy to install and configure?
0
Yan_westCommented:
THe pix is a Hardware firewall, Easy to install if you are using the PDM (graphical configuration), using a web browser.. You'll need a professional if you have trouble configuring it for your needs, some things can only be accomplished via command prompt interface.. But most of your config can be appied via The graphical one.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.