Solved

Configure a Firewall in a excisting network

Posted on 2006-06-20
13
200 Views
Last Modified: 2013-11-16
I have a client who had another IT compnay setup their whole network from scratch. The used to have a netgear router/firewall installed as their main gateway. Once the company redid the network the took out the Netgear and installed a regular 16 port switch. They are running SBS2003 and it is setup as the gateway/router/DHCP/DNS/ etc......This leaves them with no security at all. How is it possible to place a firewall in between the modem and the server or in between the server and the switch? not to sure how this goes but i think its the modem and server. Also what do i need to configure to set this up properly? This sort of urgent as they are worried they are prone to hackers etc...the urgency is the reason for the 500 POINTS.
0
Comment
Question by:nexxsupport
  • 6
  • 6
13 Comments
 
LVL 11

Expert Comment

by:rafael_acc
Comment Utility
So the setup is something similar to

Network ................. Router (win machine) ---------- modem ------------ Internet

Is that right? What sort of Internet connection is there (what modem is it) ?

Cheers
0
 

Author Comment

by:nexxsupport
Comment Utility
they are using Static DSL Connection. Yes thats the setup.
0
 
LVL 11

Expert Comment

by:rafael_acc
Comment Utility
In a simple firewall setup you could place as shown below:

Network ................. Router (win machine) ----- FW ---------- modem ------------ Internet

The firewall could be a Linux machine which has some very good security options available by using iptables. IpTable are really good !! and Linux, would be a cheap box also.

Another option is installing a hardware firewall (like a cisco PIX).

Of course, after having the devices in place, you have to set them up. As I believe you know already, this depends entirely of what services are operating on the network.

Let me know if you need any help.

Cheers
0
 

Author Comment

by:nexxsupport
Comment Utility
i was looking for something like a hardware firewall. There are only like 4 users and 1 PDC thats it. I was wondering if it was possible if i could just place a box somewhere. Some people recommend Symantec Security applicance they go for  like $400 or a watchguard. Im just hesitant if i can configure the box to any subnet i want. They are using 10.0.0.X subnet. I know most boxes are programmed as 192.168.X.X.
0
 
LVL 11

Expert Comment

by:rafael_acc
Comment Utility
To be honest, you could go with linux as the firewall box and that would be for free!! I don't think it is justified to go for a hardware firewall for 4-5 users!

IN addition to the firewall protecting the entry point in your network, you could also protect further more by implementing desktop firewall on each pc.

Cheers
0
 

Author Comment

by:nexxsupport
Comment Utility
yea they have windows firewall on their XP machines. I know they wont go for a new server, do you not recommend getting something like the symantec gateway security 320? i was recommnded that model. Also when i do decide on a frewall. Do place it between the ISP modem and the server? if so what configurations need to be done on the server? will i need to configure the firewall with the ISP's info?
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 11

Expert Comment

by:rafael_acc
Comment Utility
I don't know the symantec gateway security 320. If I was you and had the money, I would buy a Cisco PIX. Depending on the model, they are not that expensive. The disadvantage would be that PIXes are not that user-friendly and you must know what you are doing when setting it up.

In fact, what option you choose, it really depends on what level of security you/they want! And if you think about it, then you should also consider what information they are trying to protect! Bear in mind that security level is according to what you protect! Also, the more security you put in place, the harder it is going to be to manage it.

And yes; you can place the firewall between the server and the modem. Depending on the firewall you implement, you shouldn't need to do much on the server. You will have to configure the firewall though! When you get to that stage, let us know.

Cheers.
0
 

Author Comment

by:nexxsupport
Comment Utility
ok I will. will i not need the server to look at the firewall before sending out or accepting requests? We have the firewall here, but i have not installed it yet.
0
 
LVL 11

Expert Comment

by:rafael_acc
Comment Utility
Is the firewall that is going to look at the packets/inspect them. That the whole idea realy!
The only config I can think of you might have to do on the server and all other machines is set the firewall as the default gateway in tcp/ip properties.

cheers
0
 

Author Comment

by:nexxsupport
Comment Utility
ok i will try that...so what i've done so far is give it a static IP. But the what is the firewalls gateway?
0
 
LVL 11

Accepted Solution

by:
rafael_acc earned 500 total points
Comment Utility
Network ................. Router (win machine) ----- FW ---------- modem ------------ Internet

Now, considering your firewall is correctly configured, you should configure all the internal machines and the server to use the firewall as a defautl gateway. To do that use tcp/ip properties (Right click My Network Places, select Properties, ...)

Cheers
0
 

Author Comment

by:nexxsupport
Comment Utility
so i must configure the firewall with the ISP's info? If so that would make sense to the connectivity issues.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now