• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 242
  • Last Modified:

Firewall Recommendation


I work for a school that has roughly 1200 students and say 500 computers. We are having bandwidth issues and are about to purchase a net equalizer to help with this. However it will not do everything we need, we are wanting a firewall to use to do some basic things and price is a huge concern. Where I used to work we used a sonicwall and could view the most popular sites visited. This would allow us to have the kids tell us what the cool amazing new sites were and then we could block them. I am looking for an appliance that allows this at a cheaper cost.

Basically I want to be able to see the most visited sites/ip's and be able to block sites easily. I need an easy to use device that we will not have to mess with too much.

1 Solution
Rich RumbleSecurity SamuraiCommented:
Just about any firewall will do, Linux IPTables is a great firewall, and Linux supports "traffic shaping" which allows you to limit each machines connection throughput or a group of machines, an IP range etc... http://en.wikipedia.org/wiki/Traffic_shaping (QOS being enabled on the NIC of each PC is a must) The external links are great
Most enterprise routers can do traffic shaping, Cisco, Juniper, netgear etc...
Ntop can create the graphs and stats you desire, there is a Unix/Linux version and a win32 ported version
*nix: http://www.ntop.org/overview.html
win32: http://www.openxtra.co.uk/freestuff/ntop-xtra.php

I think ntop will provide you with more than you need, it doesn't write much to disk, so make sure you have lots o ram. Cisco pix's are great firewalls also, the 506e would likely suit your needs no problem. http://www.newegg.com/Product/Product.asp?Item=N82E16833120315
ItsChadAuthor Commented:
We have a pix501 however it says it has a 10 user license.....
Rich RumbleSecurity SamuraiCommented:
Do all 500 pc's connect through the firewall currently? Is there some sort of NAT/PAT before the firewall allowing more than 10 ip's at a time?
10-User License
The Cisco PIX 501 10-user license supports up to 10 concurrent source IP addresses from your internal network to traverse through the Cisco PIX 501. The integrated DHCP server supports up to 32 DHCP leases. As your needs grow, both 50 user and unlimited user upgrade licenses are available, allowing you to extend your investment in Cisco PIX 501 equipment.
The 506e has: Concurrent connections: 25,000
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Rich RumbleSecurity SamuraiCommented:
7,500 max connections with the 501 "unlimited" license
A Watchguard X700 will do exactly what you need.
if you have worked on linus, you can use Dansgaurdian with squid proxy server to restrict internet access. It is absolutely free of cost...
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now