?
Solved

Best and easiest firewall for Windows 2003 server

Posted on 2006-06-21
7
Medium Priority
?
395 Views
Last Modified: 2013-11-16
Can anyone suggest a good and easy firewall for windows 2003 server? I bought Kerio WinRoute for one of my servers but I think it is a bit hard to administer, any other suggestions?
0
Comment
Question by:Steverino541
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:Steverino541
ID: 16949853
Maybe I should mention that I have this w2003 server set up with Routing and Remote Access. I have noticed in Windows XP that you can configure the windows firewall to only allow scertain ip's access to some ports but I can not understand how to do this in w2003 server when it is configured with routing and remote access. It says that it has the basic firewall enabled on my WAN interface and that I can set inbound or outbound filters. What I would like to do is block all packets to like port 8000 unless the packets are coming from example ip 83.83.83.83. Can I do this while not blocking anything else? It seems that I can not chose to set what packets to drop or receive, it is either one it seems.In the filter setting I can chose either "Receive all packets except those that meet the criteria below" or " Drop all packets except those that meet the criteria below". What I think I should do is Drop all packets to port 8000 except those that comes from ip 83.83.83.83, can I do that with this basic firewall?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 16954178
If you are open to options, I would get a reasonable router/firewall and let that administer the controls for you rather than doing this on a Windows server. Something like a small PIX unit allows for VPN's, has a web front-end if you like them or a command line interface if you don't, is best-of-breed for the price tag, gives you full control over the environment and you don't have to place around with things on the server.

Regards

keith
0
 

Author Comment

by:Steverino541
ID: 16957728
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16958980
Absolutely. The 501 is a great unit even though it is the entry unit. Many people now are also looking at the ASA55xx range from Cisco also as it is a vpn concentrator/firewall & god knows what else all in one. I use the 501 personally at home and it is brilliant.

I would suggest it would certainly meet your requirements. The other benefit of course is that there is ample support for Cisco eqyuipment on Experts-Exchange as well as many other places including Cisco's own web site.
0
 

Author Comment

by:Steverino541
ID: 16959010
Do you know anything about WATCHGUARD FIREBOX X15W as well?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16961718
No, sorry.

Cisco PIX, ISA, Checkpoint, Sidewinder and a little about Sonicwall's.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16979376
Thank you :)
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question