Solved

Configure a Firewall in a excisting network

Posted on 2006-06-20
13
215 Views
Last Modified: 2013-11-16
I have a client who had another IT compnay setup their whole network from scratch. The used to have a netgear router/firewall installed as their main gateway. Once the company redid the network the took out the Netgear and installed a regular 16 port switch. They are running SBS2003 and it is setup as the gateway/router/DHCP/DNS/ etc......This leaves them with no security at all. How is it possible to place a firewall in between the modem and the server or in between the server and the switch? not to sure how this goes but i think its the modem and server. Also what do i need to configure to set this up properly? This sort of urgent as they are worried they are prone to hackers etc...the urgency is the reason for the 500 POINTS.
0
Comment
Question by:nexxsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
13 Comments
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16945396
So the setup is something similar to

Network ................. Router (win machine) ---------- modem ------------ Internet

Is that right? What sort of Internet connection is there (what modem is it) ?

Cheers
0
 

Author Comment

by:nexxsupport
ID: 16945476
they are using Static DSL Connection. Yes thats the setup.
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16945685
In a simple firewall setup you could place as shown below:

Network ................. Router (win machine) ----- FW ---------- modem ------------ Internet

The firewall could be a Linux machine which has some very good security options available by using iptables. IpTable are really good !! and Linux, would be a cheap box also.

Another option is installing a hardware firewall (like a cisco PIX).

Of course, after having the devices in place, you have to set them up. As I believe you know already, this depends entirely of what services are operating on the network.

Let me know if you need any help.

Cheers
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:nexxsupport
ID: 16946518
i was looking for something like a hardware firewall. There are only like 4 users and 1 PDC thats it. I was wondering if it was possible if i could just place a box somewhere. Some people recommend Symantec Security applicance they go for  like $400 or a watchguard. Im just hesitant if i can configure the box to any subnet i want. They are using 10.0.0.X subnet. I know most boxes are programmed as 192.168.X.X.
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16946935
To be honest, you could go with linux as the firewall box and that would be for free!! I don't think it is justified to go for a hardware firewall for 4-5 users!

IN addition to the firewall protecting the entry point in your network, you could also protect further more by implementing desktop firewall on each pc.

Cheers
0
 

Author Comment

by:nexxsupport
ID: 16947005
yea they have windows firewall on their XP machines. I know they wont go for a new server, do you not recommend getting something like the symantec gateway security 320? i was recommnded that model. Also when i do decide on a frewall. Do place it between the ISP modem and the server? if so what configurations need to be done on the server? will i need to configure the firewall with the ISP's info?
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16947078
I don't know the symantec gateway security 320. If I was you and had the money, I would buy a Cisco PIX. Depending on the model, they are not that expensive. The disadvantage would be that PIXes are not that user-friendly and you must know what you are doing when setting it up.

In fact, what option you choose, it really depends on what level of security you/they want! And if you think about it, then you should also consider what information they are trying to protect! Bear in mind that security level is according to what you protect! Also, the more security you put in place, the harder it is going to be to manage it.

And yes; you can place the firewall between the server and the modem. Depending on the firewall you implement, you shouldn't need to do much on the server. You will have to configure the firewall though! When you get to that stage, let us know.

Cheers.
0
 

Author Comment

by:nexxsupport
ID: 16947102
ok I will. will i not need the server to look at the firewall before sending out or accepting requests? We have the firewall here, but i have not installed it yet.
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16947146
Is the firewall that is going to look at the packets/inspect them. That the whole idea realy!
The only config I can think of you might have to do on the server and all other machines is set the firewall as the default gateway in tcp/ip properties.

cheers
0
 

Author Comment

by:nexxsupport
ID: 16947165
ok i will try that...so what i've done so far is give it a static IP. But the what is the firewalls gateway?
0
 
LVL 11

Accepted Solution

by:
rafael_acc earned 500 total points
ID: 16947952
Network ................. Router (win machine) ----- FW ---------- modem ------------ Internet

Now, considering your firewall is correctly configured, you should configure all the internal machines and the server to use the firewall as a defautl gateway. To do that use tcp/ip properties (Right click My Network Places, select Properties, ...)

Cheers
0
 

Author Comment

by:nexxsupport
ID: 16948431
so i must configure the firewall with the ISP's info? If so that would make sense to the connectivity issues.
0

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question