Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 226
  • Last Modified:

Firewall and anti-virus software for coperate company

I'm looking into upgrading our software. We're rather well behind the times in preventing hacking and having a good backup. I'm just looking for some software that would be good for a company our size. We have approx. 80PCs all XP Pro Workstations. We don't have any VPN yet, but am looking to getting one. Also we have a Point to Point network between here and another small health center we own, that has about 5 PCs on that network. I'm just looking for what is optimial for our company. I was thinking about a hardware firewall, but if a software firewall is just as effective i can settle with that. The only hardware firewall we have now is built into our cisco routers.
1 Solution
Rich RumbleSecurity SamuraiCommented:
For that many users hardware is the way to go. You do have a free alternitive if you can use Linux, it makes a great firewall with iptables. But  Pix 505e or something from cisco would also be good. There are also free AV's like Clam-Av, yet my recommendation is ultimatly McAfee. I like version 8.0i for workstations.
Linux is easy to setup, just select minimum for the software install, and allow it to partition the drives for you. You don't need anything very modern to have a good firewall (the pix for example is running a 333mhz proc at best) So perhaps a 500mhz or better, with 256meg or better. Then you need at least 2 nic's and your almost done.
Here is a brief guide on iptable setup: http://xinn.org/lin-newb-guide1.html

Clam-Av http://www.clamav.net/binary.html#pagestart (the windows version is down the page)
Vendors are now doing firewall/AV in one appliance. As per richrumble, there are many with variations on the same theme, they should also be able to do your vpn stuff as well.

check out the following, they will have entry level devices for small office/branch office;


Also checkout McAfee, Symmantec, as well becuase they are also now doing firewall/AV appliances.

there are a few others, just search google.
We use a custom linux os called Clark Connect.  If you're looking for a cheap/fast solution that easy to setup it's great!  We are running it on a P3 866 / 512mb ram (up 311 days, 17:28) with around 30-50 users behind it.

For more information please check out clarkconnect.com.
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security OfficerIT Consultant, Network Engineer, Windows Network Administrator, VMware AdministratorCommented:
I have used PIX, Sonicwall, Watchguard, and Symantec and my recommendation goes to Watchguard.  I am so impressed by them that I just changed out all the Symantec appliances in the City I work for with Watchguard.

If you want to keep it cheap, put a Firebox X Edge X-50 unit at the main HQ and a X-5 unit at the remote site.  The X-50 with 1 year of maintenance is about $1000 and the X-5 with 1 year of maintenance is about $450.

These have all the built in IPSec VPN Tunnels to connect with each other and come with some mobile user VPN connections.  You can always buy more if you need them.

If you want more Umph at the main site, substitute the X-50 for say an X700.  This is capable of much more expansion and you can purchase Spam Screen, Gateway AntiVirus, etc for it and customize your rules to lock down exactly what you want.

For AntiVirus on the network, Symantec Corporate AntiVirus.  It is easy to setup and use and you can control and monitor everything from the server.
If you are looking to upgrade/change, then this is your opportunity to significantly influence the corporate IT policy. All companies should have one, but very few companies have the ability to enforce a policy/check on useage effectively etc.

If you want an effective monitor/control of this type of useage, then I highly recommend Astaro (Free fro personal use, and well worth playing with - loads of add ons) :


I would use the built in firewall for XP Sp2 (save some $) and buy Norton Corp addition 9.0 with the correct # of licenses. You will save $ in the long run instead of buying separated NAV for each machine.

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now