?
Solved

Looking for small firewall device for isolating hosts on LAN

Posted on 2006-10-23
5
Medium Priority
?
596 Views
Last Modified: 2013-11-16
Hi all,

I'm looking for a cost-effective firewall/router/switch solution to enable us to isolate specific LAN hosts or small subnets from the rest of our LAN. The idea being to provide third-parties access to those hosts but prevent them from potentially attacking other hosts on our network.

We already have a solution for providing the remote access but just need to isolate the hosts/small subnets.

The ideal device would have 4 or 5 ethernet ports and allow us to set fairly simple rules between hosts on those ports and our LAN, along the lines of...

From : Secure Access Device     To: Isolated Servers           Service : PCAnywhere ? MS Terminal ? Citrix ? HTTP ?
From : Isolated Server - Port 1   To: LAN                            Service : FTP
From : Isolated Server - Port 2   To: LAN                            Service: SMTP

Additionally the device might do some simple static routing.

There are plenty device out there that can do this but they also tend to do a lot more besides so the cost can often become quite prohibitive. The above is all we really need this box to do. We were hoping to find something in the £400/$750 range. Equally we also prefer to avoid buying small SOHO type devices for every single host/subnet we want to isolate.

Is there such a box out there? Any help would be greatly appreciated.

TIA.
0
Comment
Question by:rj-smith
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 4

Expert Comment

by:Jeb911
ID: 17789516
Netgear FVS318  The best device to do what you need...

Or this one... http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FR114P.aspx

-JEB
0
 
LVL 6

Expert Comment

by:nexissteve
ID: 17790294
Or you could use open source.

http://m0n0.ch/wall/

All you need is the hardware.

Cheers

S
0
 
LVL 6

Author Comment

by:rj-smith
ID: 17801616
Thanks for your responses guys.

Jeb911: Have you used these NetGear products for a similar scenario? It does look like these firewalls would achieve our basic objectives but is there any control over traffic between the LAN ports? Ideally we'd like to set rules there or at the very least isolate each LAN port so that devices on the LAN ports can communicate with each other.

Nexissteve: We had thought about the open source route but would prefer not to go down that road at this point.
0
 
LVL 15

Accepted Solution

by:
Jeff Perkins earned 225 total points
ID: 17827147
Try Sonic Wall TZ170, it is setup to accept more than one subnet and gives you all the control you need. I've got a couple of networks I maintain setup with these.
0
 
LVL 4

Expert Comment

by:Jeb911
ID: 19506907
Please clean up this article...

-JEB
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question