Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Looking for small firewall device for isolating hosts on LAN

Posted on 2006-10-23
5
Medium Priority
?
601 Views
Last Modified: 2013-11-16
Hi all,

I'm looking for a cost-effective firewall/router/switch solution to enable us to isolate specific LAN hosts or small subnets from the rest of our LAN. The idea being to provide third-parties access to those hosts but prevent them from potentially attacking other hosts on our network.

We already have a solution for providing the remote access but just need to isolate the hosts/small subnets.

The ideal device would have 4 or 5 ethernet ports and allow us to set fairly simple rules between hosts on those ports and our LAN, along the lines of...

From : Secure Access Device     To: Isolated Servers           Service : PCAnywhere ? MS Terminal ? Citrix ? HTTP ?
From : Isolated Server - Port 1   To: LAN                            Service : FTP
From : Isolated Server - Port 2   To: LAN                            Service: SMTP

Additionally the device might do some simple static routing.

There are plenty device out there that can do this but they also tend to do a lot more besides so the cost can often become quite prohibitive. The above is all we really need this box to do. We were hoping to find something in the £400/$750 range. Equally we also prefer to avoid buying small SOHO type devices for every single host/subnet we want to isolate.

Is there such a box out there? Any help would be greatly appreciated.

TIA.
0
Comment
Question by:rj-smith
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 4

Expert Comment

by:Jeb911
ID: 17789516
Netgear FVS318  The best device to do what you need...

Or this one... http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FR114P.aspx

-JEB
0
 
LVL 6

Expert Comment

by:nexissteve
ID: 17790294
Or you could use open source.

http://m0n0.ch/wall/

All you need is the hardware.

Cheers

S
0
 
LVL 6

Author Comment

by:rj-smith
ID: 17801616
Thanks for your responses guys.

Jeb911: Have you used these NetGear products for a similar scenario? It does look like these firewalls would achieve our basic objectives but is there any control over traffic between the LAN ports? Ideally we'd like to set rules there or at the very least isolate each LAN port so that devices on the LAN ports can communicate with each other.

Nexissteve: We had thought about the open source route but would prefer not to go down that road at this point.
0
 
LVL 15

Accepted Solution

by:
Jeff Perkins earned 225 total points
ID: 17827147
Try Sonic Wall TZ170, it is setup to accept more than one subnet and gives you all the control you need. I've got a couple of networks I maintain setup with these.
0
 
LVL 4

Expert Comment

by:Jeb911
ID: 19506907
Please clean up this article...

-JEB
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question