Personal Firewall
I need to set up a personal firewall, the main reason is content filtering.
I need this to be set up on 6 computers, I am considering software that is selling online especially for this, as well as hardware that you can attach to the router that can handle all of the traffic. What are your opinions and price wise where do I stand.
I need this to be set up on 6 computers, I am considering software that is selling online especially for this, as well as hardware that you can attach to the router that can handle all of the traffic. What are your opinions and price wise where do I stand.
If its only 6 computers, it would be more costeffective to use a managed content filtering service provider, for the cost of purchaing and supporting your own solution and paying maintanance it may be better to go managed instead and get a far superior service. All you'll need is a regualr antivirus on the PC's.
You simply point your browser or your proxy server to them and they take take of the rest.
These service providers normally provide filtering way beyond anything you could do by buying in software. Some also do email virus scanning as well for very small cost.
check out www.streamshield.com
You simply point your browser or your proxy server to them and they take take of the rest.
These service providers normally provide filtering way beyond anything you could do by buying in software. Some also do email virus scanning as well for very small cost.
check out www.streamshield.com
ASKER
what I am looking here is about 5 choiches for hardware and their prices, and 5 choiches for software and their prices.
You can set up filtering a number of ways. Are you looking for porn sites and others near that category?
If so the http://www.w3.org/TR/REC-PICSRules can be imported into IE very easily. http://www.microsoft.com/windows/ie/using/howto/security/contentadv/config.mspx
http://www.icra.org/about/
http://www.icra.org/webmasters/
however if users are able to install programs like FireFox or another browser, then a firewall is probably the best solution for such a small group. A proxy would also work, but I think it's a bit much for 6 users.
http://reviews.cnet.com/4864-3667_7-21131904.html?messageSiteID=7&messageID=843204&cval=843204&ctype=msgid
http://download.zonelabs.com/bin/free/information/zapwwf/releaseHistory.html
http://www.zonelabs.com/store/content/catalog/products/zass/zass_details.jsp?lid=zassskulist_info#benefits
-rich
If so the http://www.w3.org/TR/REC-PICSRules can be imported into IE very easily. http://www.microsoft.com/windows/ie/using/howto/security/contentadv/config.mspx
http://www.icra.org/about/
http://www.icra.org/webmasters/
however if users are able to install programs like FireFox or another browser, then a firewall is probably the best solution for such a small group. A proxy would also work, but I think it's a bit much for 6 users.
http://reviews.cnet.com/4864-3667_7-21131904.html?messageSiteID=7&messageID=843204&cval=843204&ctype=msgid
http://download.zonelabs.com/bin/free/information/zapwwf/releaseHistory.html
http://www.zonelabs.com/store/content/catalog/products/zass/zass_details.jsp?lid=zassskulist_info#benefits
-rich
One way to get Content Filtering for a whole network is to use a Sonicwall firewall appliance inside your router, and add the Sonicwall Content Filtering system.
YOu can try the CF system for a month for free if you alreayd hav a Sonicwall firewall. :)
Price of the Sonicwall depends on the size of your network. If you have a smaller-than-ten computer network which will never grow beyond ten, the TZ150 model is very good value.
YOu can try the CF system for a month for free if you alreayd hav a Sonicwall firewall. :)
Price of the Sonicwall depends on the size of your network. If you have a smaller-than-ten computer network which will never grow beyond ten, the TZ150 model is very good value.
Firewall: start with looking at top three, pick what you'll use well - SyGate, NetIce, ZoneLabs
Content Filtering: No. I don't think it worth the bother, between problems, additional spywares, and false positives that end up hiding what you seek. Protection is good, stick with firewall.
One noteworthy, is that most of us use google to search out about our questions. It has its own ways of filtering, and so far they seem adequate enough, so I first recommend you try such filters, check out results, and where you've learned valuable lessons, do pass them on to your users. The key is learning, and information sharing. If users are unaware of dangers, they can get malwares from websites when online, and download and run junk that'll trash everyone else. So eductating them on the facts of life is more important than buying any tools. (Google, btw, is free access site, as is experts-exchange)
Content Filtering: No. I don't think it worth the bother, between problems, additional spywares, and false positives that end up hiding what you seek. Protection is good, stick with firewall.
One noteworthy, is that most of us use google to search out about our questions. It has its own ways of filtering, and so far they seem adequate enough, so I first recommend you try such filters, check out results, and where you've learned valuable lessons, do pass them on to your users. The key is learning, and information sharing. If users are unaware of dangers, they can get malwares from websites when online, and download and run junk that'll trash everyone else. So eductating them on the facts of life is more important than buying any tools. (Google, btw, is free access site, as is experts-exchange)
Re: NetIce/BlackIce, I suppose we should be switching now to recommend looking at ISS, which has abundance of approaches ($) to such problems:
http://www.iss.net/products_services/products.php
http://www.iss.net/products_services/products.php
- and do not even consider any company that does not specialize in such products in the first place, such as Microsoft, symantec... they are first ones who buy out some small relevant product, dilute it to some 'package' that is less effective, and are actually part of the source of the problem requiring you to raise such a question in the first place
ASKER
any prices?
Hi qtvingo14...
I'll take a shot at providing something useful for you.... (first attempt in a tech forum)
Zonelabs.com provides ZoneAlarm software firewall. It is very reputable - consistently high rankings by PCWorld - Cnet etc...
They provide a free version for personal use - routinely beats out the commercially priced competition in effectiveness and ease of use.
Worth noting: This is a permission based firewall, like most of the competition... the only exceptions I can come up with are WinXP firewall and Trend_Micros's firewall, which do packet scanning for suspicious activity.
Also worth Noting - TrendMicro - is great for the novice who doesn't want to grant permissions... and they provide toll free tech support, where a lot of the competition charges something like $35.00 per incedent.
If you go to Cnet.com and look for firewall software - you'll have the option to do side by side comparison of features and cost of different products.... McAfee's, Norton's, Trend Micro's, ZoneLabs... and others. (typically 30.00 - 60.00 per license.)
A reputable router (Linksys) will complement ZoneLabs software very nicely...
I hope my answers aren't off the mark??
Good luck.
I'll take a shot at providing something useful for you.... (first attempt in a tech forum)
Zonelabs.com provides ZoneAlarm software firewall. It is very reputable - consistently high rankings by PCWorld - Cnet etc...
They provide a free version for personal use - routinely beats out the commercially priced competition in effectiveness and ease of use.
Worth noting: This is a permission based firewall, like most of the competition... the only exceptions I can come up with are WinXP firewall and Trend_Micros's firewall, which do packet scanning for suspicious activity.
Also worth Noting - TrendMicro - is great for the novice who doesn't want to grant permissions... and they provide toll free tech support, where a lot of the competition charges something like $35.00 per incedent.
If you go to Cnet.com and look for firewall software - you'll have the option to do side by side comparison of features and cost of different products.... McAfee's, Norton's, Trend Micro's, ZoneLabs... and others. (typically 30.00 - 60.00 per license.)
A reputable router (Linksys) will complement ZoneLabs software very nicely...
I hope my answers aren't off the mark??
Good luck.
gtvingo14 > any prices?
You got the funds, you should know that Cisco is pretty much a standard for robustness. On the cheap, I think ZoneLabs and SyGate at least offer entry level freebies you can try to use that are fairly adequate, try one here, one there, decide what you like and get a more full-blown version for under 100.
C_Wit > (typically 30.00 - 60.00 per license.)
That sounds about right, for adequate, although the zeroes may be nines (round up). From past experience I'd not ditto a Trend or Linksys (eg problems), or a 'suite' such as from the A/V vendors, who have too much concentration on what is not needed, not enough on what is useful.
You got the funds, you should know that Cisco is pretty much a standard for robustness. On the cheap, I think ZoneLabs and SyGate at least offer entry level freebies you can try to use that are fairly adequate, try one here, one there, decide what you like and get a more full-blown version for under 100.
C_Wit > (typically 30.00 - 60.00 per license.)
That sounds about right, for adequate, although the zeroes may be nines (round up). From past experience I'd not ditto a Trend or Linksys (eg problems), or a 'suite' such as from the A/V vendors, who have too much concentration on what is not needed, not enough on what is useful.
> If you go to Cnet.com
also tucows would be good for window shopping excursions, and a visit to grc.com may be enlightening, if looking for that.
also tucows would be good for window shopping excursions, and a visit to grc.com may be enlightening, if looking for that.
Hi SunBow, gtvingo14, others,
From C_Wit:
I do echo SunBow's comment regarding Cisco... although Linksys is popular among retailers/home consumers, and they have a lot of satisfied customers.
Many people praise ZoneLabs ZoneAlarm (free version.)- If interested in reading a review, try www.PCworld.com
According to cnets www.download.com: ZoneAlarm has over 35 million downloads and a 4.5/5 star rating.
Keep in mind, with volume purchasing, or as a returning customer to a manufacturers website, you may find up to a 20 or even 30% discount.... I've seen people buy Nortons Internet Security at a retail cost then purchase several more licenses direct from the website (just to get the discount.)
in addition to cnet.com, mysimon.com gives pricing information.
newegg.com is a good supplier of computer products.
pricewatch.com is a great place for vendors/suppliers to compete - "cut throat pricing"
From C_Wit:
I do echo SunBow's comment regarding Cisco... although Linksys is popular among retailers/home consumers, and they have a lot of satisfied customers.
Many people praise ZoneLabs ZoneAlarm (free version.)- If interested in reading a review, try www.PCworld.com
According to cnets www.download.com: ZoneAlarm has over 35 million downloads and a 4.5/5 star rating.
Keep in mind, with volume purchasing, or as a returning customer to a manufacturers website, you may find up to a 20 or even 30% discount.... I've seen people buy Nortons Internet Security at a retail cost then purchase several more licenses direct from the website (just to get the discount.)
in addition to cnet.com, mysimon.com gives pricing information.
newegg.com is a good supplier of computer products.
pricewatch.com is a great place for vendors/suppliers to compete - "cut throat pricing"
OK for firewalls hardware firewalls provide better security than software however cost is a factor.
If you buy a Cisco PIX for example you can also set up an N2H2 or Websense web filtering service where no traffic is allowed through the firewall until it has been through the filtering server. This may be a costly solution. I would recommend on the hardare point of view CISCO PIX 501 central firewall as there is only 6 users a 501 should do the job. A 506E is the next model up.
If you want a software firewall have a look at some of the following
Kapersky Anit Hacker, this is an excellent product http://www.kaspersky.com/antihacker
Kerio Firewall is good and has some built in content filtering http://www.kerio.com/kerio.html
From a pure content filtering point of view, products such as Websense and Surf control maybe costly and in your circumstances I would reccomend looking at something such as Cyber Patrol :-
http://www.cyberpatrol.com/
This is a more personalised product from surf control, and is ideal for your kind of environment. I have seen thi in operation before and can say this is a good product.
Hope this helps to add to the confusion :-)
Graeme
If you buy a Cisco PIX for example you can also set up an N2H2 or Websense web filtering service where no traffic is allowed through the firewall until it has been through the filtering server. This may be a costly solution. I would recommend on the hardare point of view CISCO PIX 501 central firewall as there is only 6 users a 501 should do the job. A 506E is the next model up.
If you want a software firewall have a look at some of the following
Kapersky Anit Hacker, this is an excellent product http://www.kaspersky.com/antihacker
Kerio Firewall is good and has some built in content filtering http://www.kerio.com/kerio.html
From a pure content filtering point of view, products such as Websense and Surf control maybe costly and in your circumstances I would reccomend looking at something such as Cyber Patrol :-
http://www.cyberpatrol.com/
This is a more personalised product from surf control, and is ideal for your kind of environment. I have seen thi in operation before and can say this is a good product.
Hope this helps to add to the confusion :-)
Graeme
Check out Http://www.winproxy.com
Does virus scanning, content filtering, spyware/malware scanning before anything hits your network and acts as complete firewall. Also has many more features as configurable access times and limiting protocals. Has a free full dem for 15 or 30 days. Easy to configure.
Works well as I have been using it for 3 years.
Winproxy cost approx $460.00 yearly renewal approx $200
If the computers have antivirus already and dont want any redundancy subtract $100 from botch at the top.
Standalone PC (recommened) $400-500. Unless you have a PC not in use.
Total cost approx $1000
This setup will give you the equivelent of a hardware setup. If you install this on a machine already connected to the network you can cut the cost in half and configure the internet router to only allow connections from that computer.
I have done it both ways well but prefer using a standalone machine between the router and the network.
Does virus scanning, content filtering, spyware/malware scanning before anything hits your network and acts as complete firewall. Also has many more features as configurable access times and limiting protocals. Has a free full dem for 15 or 30 days. Easy to configure.
Works well as I have been using it for 3 years.
Winproxy cost approx $460.00 yearly renewal approx $200
If the computers have antivirus already and dont want any redundancy subtract $100 from botch at the top.
Standalone PC (recommened) $400-500. Unless you have a PC not in use.
Total cost approx $1000
This setup will give you the equivelent of a hardware setup. If you install this on a machine already connected to the network you can cut the cost in half and configure the internet router to only allow connections from that computer.
I have done it both ways well but prefer using a standalone machine between the router and the network.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Didn' read everything, but dind't found a Linux based proposition ...
This will be I think the cheapest/beter way to go ...
All you need is an old computer, download and install linux on it and configure IPTABLES/IPCHAIN
Cost : free if you have the computer.
This will be I think the cheapest/beter way to go ...
All you need is an old computer, download and install linux on it and configure IPTABLES/IPCHAIN
Cost : free if you have the computer.
A partial list of firewalls:
http://insanity.bizhat.com/fire.html
For content management, you may try IEAK:
http://www.microsoft.com/windows/ieak/default.mspx
Good Luck!