jh_007
asked on
Application Level Firewall...
Hi -
I'm redesigning the network topology, so A) be more secure, but B) getting regulatory pressure to do so.
One requirement is to be able to monitor users Web usage. At the moment this means crawling through 1000's of checkpoint logs!
What's the best FW for the PC / Server gateways? (Before it goes up through DMZ etc.. to the internet)
Looking for something with excelent reporting, to make me aware of exactly what users are doing.
What products have you tried / recommend?
Thanks, James.
I'm redesigning the network topology, so A) be more secure, but B) getting regulatory pressure to do so.
One requirement is to be able to monitor users Web usage. At the moment this means crawling through 1000's of checkpoint logs!
What's the best FW for the PC / Server gateways? (Before it goes up through DMZ etc.. to the internet)
Looking for something with excelent reporting, to make me aware of exactly what users are doing.
What products have you tried / recommend?
Thanks, James.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
it is a proxy but gives detailed reports
we use isa2004 which provides good logging/reporting , additionally we use Smartfilter (ISA plugin) to allow/disallow certain sites.
Smartfilter provides excellent reporting on web access.
Smartfilter provides excellent reporting on web access.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Dushan911,
Great link and great answer on the last page.
This is a great example of why you limit outbound access to only what your clients need.
In my case, I only allow outbound access on ports 80 and 443 for my clients. For my servers, I customize the ports as well (Exchange, outbound port 25, etc. etc.)
Of course, block all inbound.
Great link and great answer on the last page.
This is a great example of why you limit outbound access to only what your clients need.
In my case, I only allow outbound access on ports 80 and 443 for my clients. For my servers, I customize the ports as well (Exchange, outbound port 25, etc. etc.)
Of course, block all inbound.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.