Solved

Looking for small firewall device for isolating hosts on LAN

Posted on 2006-10-23
5
588 Views
Last Modified: 2013-11-16
Hi all,

I'm looking for a cost-effective firewall/router/switch solution to enable us to isolate specific LAN hosts or small subnets from the rest of our LAN. The idea being to provide third-parties access to those hosts but prevent them from potentially attacking other hosts on our network.

We already have a solution for providing the remote access but just need to isolate the hosts/small subnets.

The ideal device would have 4 or 5 ethernet ports and allow us to set fairly simple rules between hosts on those ports and our LAN, along the lines of...

From : Secure Access Device     To: Isolated Servers           Service : PCAnywhere ? MS Terminal ? Citrix ? HTTP ?
From : Isolated Server - Port 1   To: LAN                            Service : FTP
From : Isolated Server - Port 2   To: LAN                            Service: SMTP

Additionally the device might do some simple static routing.

There are plenty device out there that can do this but they also tend to do a lot more besides so the cost can often become quite prohibitive. The above is all we really need this box to do. We were hoping to find something in the £400/$750 range. Equally we also prefer to avoid buying small SOHO type devices for every single host/subnet we want to isolate.

Is there such a box out there? Any help would be greatly appreciated.

TIA.
0
Comment
Question by:rj-smith
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 4

Expert Comment

by:Jeb911
ID: 17789516
Netgear FVS318  The best device to do what you need...

Or this one... http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FR114P.aspx

-JEB
0
 
LVL 6

Expert Comment

by:nexissteve
ID: 17790294
Or you could use open source.

http://m0n0.ch/wall/

All you need is the hardware.

Cheers

S
0
 
LVL 6

Author Comment

by:rj-smith
ID: 17801616
Thanks for your responses guys.

Jeb911: Have you used these NetGear products for a similar scenario? It does look like these firewalls would achieve our basic objectives but is there any control over traffic between the LAN ports? Ideally we'd like to set rules there or at the very least isolate each LAN port so that devices on the LAN ports can communicate with each other.

Nexissteve: We had thought about the open source route but would prefer not to go down that road at this point.
0
 
LVL 15

Accepted Solution

by:
Jeff Perkins earned 75 total points
ID: 17827147
Try Sonic Wall TZ170, it is setup to accept more than one subnet and gives you all the control you need. I've got a couple of networks I maintain setup with these.
0
 
LVL 4

Expert Comment

by:Jeb911
ID: 19506907
Please clean up this article...

-JEB
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question