Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Configure a Firewall in a excisting network

Posted on 2006-06-20
13
Medium Priority
?
218 Views
Last Modified: 2013-11-16
I have a client who had another IT compnay setup their whole network from scratch. The used to have a netgear router/firewall installed as their main gateway. Once the company redid the network the took out the Netgear and installed a regular 16 port switch. They are running SBS2003 and it is setup as the gateway/router/DHCP/DNS/ etc......This leaves them with no security at all. How is it possible to place a firewall in between the modem and the server or in between the server and the switch? not to sure how this goes but i think its the modem and server. Also what do i need to configure to set this up properly? This sort of urgent as they are worried they are prone to hackers etc...the urgency is the reason for the 500 POINTS.
0
Comment
Question by:nexxsupport
  • 6
  • 6
13 Comments
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16945396
So the setup is something similar to

Network ................. Router (win machine) ---------- modem ------------ Internet

Is that right? What sort of Internet connection is there (what modem is it) ?

Cheers
0
 

Author Comment

by:nexxsupport
ID: 16945476
they are using Static DSL Connection. Yes thats the setup.
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16945685
In a simple firewall setup you could place as shown below:

Network ................. Router (win machine) ----- FW ---------- modem ------------ Internet

The firewall could be a Linux machine which has some very good security options available by using iptables. IpTable are really good !! and Linux, would be a cheap box also.

Another option is installing a hardware firewall (like a cisco PIX).

Of course, after having the devices in place, you have to set them up. As I believe you know already, this depends entirely of what services are operating on the network.

Let me know if you need any help.

Cheers
0
WatchGuard Case Study: Museum of Flight

“With limited money and limited staffing, we didn’t have a lot of choices in terms of what we could do to bring efficiency. WatchGuard played a central part in changing that.” To provide strong, secure Wi-Fi access within the museum, Hunter chose to deploy WatchGuard’s AP120 APs.

 

Author Comment

by:nexxsupport
ID: 16946518
i was looking for something like a hardware firewall. There are only like 4 users and 1 PDC thats it. I was wondering if it was possible if i could just place a box somewhere. Some people recommend Symantec Security applicance they go for  like $400 or a watchguard. Im just hesitant if i can configure the box to any subnet i want. They are using 10.0.0.X subnet. I know most boxes are programmed as 192.168.X.X.
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16946935
To be honest, you could go with linux as the firewall box and that would be for free!! I don't think it is justified to go for a hardware firewall for 4-5 users!

IN addition to the firewall protecting the entry point in your network, you could also protect further more by implementing desktop firewall on each pc.

Cheers
0
 

Author Comment

by:nexxsupport
ID: 16947005
yea they have windows firewall on their XP machines. I know they wont go for a new server, do you not recommend getting something like the symantec gateway security 320? i was recommnded that model. Also when i do decide on a frewall. Do place it between the ISP modem and the server? if so what configurations need to be done on the server? will i need to configure the firewall with the ISP's info?
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16947078
I don't know the symantec gateway security 320. If I was you and had the money, I would buy a Cisco PIX. Depending on the model, they are not that expensive. The disadvantage would be that PIXes are not that user-friendly and you must know what you are doing when setting it up.

In fact, what option you choose, it really depends on what level of security you/they want! And if you think about it, then you should also consider what information they are trying to protect! Bear in mind that security level is according to what you protect! Also, the more security you put in place, the harder it is going to be to manage it.

And yes; you can place the firewall between the server and the modem. Depending on the firewall you implement, you shouldn't need to do much on the server. You will have to configure the firewall though! When you get to that stage, let us know.

Cheers.
0
 

Author Comment

by:nexxsupport
ID: 16947102
ok I will. will i not need the server to look at the firewall before sending out or accepting requests? We have the firewall here, but i have not installed it yet.
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 16947146
Is the firewall that is going to look at the packets/inspect them. That the whole idea realy!
The only config I can think of you might have to do on the server and all other machines is set the firewall as the default gateway in tcp/ip properties.

cheers
0
 

Author Comment

by:nexxsupport
ID: 16947165
ok i will try that...so what i've done so far is give it a static IP. But the what is the firewalls gateway?
0
 
LVL 11

Accepted Solution

by:
rafael_acc earned 1500 total points
ID: 16947952
Network ................. Router (win machine) ----- FW ---------- modem ------------ Internet

Now, considering your firewall is correctly configured, you should configure all the internal machines and the server to use the firewall as a defautl gateway. To do that use tcp/ip properties (Right click My Network Places, select Properties, ...)

Cheers
0
 

Author Comment

by:nexxsupport
ID: 16948431
so i must configure the firewall with the ISP's info? If so that would make sense to the connectivity issues.
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question