Solved

hardware firewall

Posted on 2006-10-26
10
277 Views
Last Modified: 2013-11-16
Hi,

i would like to have some firewall that could act as a defence in between modem and server

say my dsl modem is giving me a fix IP say 202.111.111.88 which this will be set to the win server (coz some of the software need this server to be directly conncted to host not forwarding). I dont need a router, only the server will be connected to outside world

Modem ---->hardware firewall---->win Server(202.111.111.88) !

is there something like that, i was told that cisco pix can do that but i'm no cisco  guy, please advice

cheers
0
Comment
Question by:mysticaljoey
10 Comments
 
LVL 9

Accepted Solution

by:
tim1731 earned 125 total points
ID: 17817524
Hi,

1.Netscreen good around easier to use then a pix off ebay for around £40
2.Draytek modem/firewall can even use windows vpn client
0
 
LVL 3

Assisted Solution

by:mahe2000
mahe2000 earned 125 total points
ID: 17817699
buy a cisco pix 501... that's the better solution.... a net screen can be a good alternative.
0
 
LVL 9

Expert Comment

by:tim1731
ID: 17817724
He stated he isnt a cisco person so PIX or ASA isnt it, PIX isnt a better firewall than Netscreen model for model they both have their pros and Cons, but for ease of use for the average person Netscreen wins hands down.

0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 125 total points
ID: 17818295
>some of the software need this server to be directly conncted to host not forwarding
Does this mean that you can't use NAT to selectively port-forward traffic, or can you use a one-to-one NAT whole IP address?

The Cisco ASA5500 can work in either a Layer2 "drop in" mode as an inline filter with public IP still assigned to the server, or it can serve in a routed mode with private IP on the server, public IP on the ASA and do either 1-1 static nat or port forwarding. The ASDM Graphical User Interface is very easy to navigate, has several wizards, and you don't need a degree in Cisco command line.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 9

Expert Comment

by:tim1731
ID: 17818381
and the price for the Cisco is  http://gryphonit.securewebstore.co.uk/INU_products/INU_ProdDetailsL2.ASP?ref=09087674

Pricing for the Netscreen is http://uk.insight.com/apps/productpresentation/index.php?product_id=NSNNK103&cm_mmc=Froogle-_-NK-_-NSN-_-NSNNK103&src=FRO1

Both do transparent mode,both have wizards, agree that on the ASA5500 the GUI is miles better than is was but it still isnt worth 3 times as much as a Netscreen.

+ Support and maintenance costs are more, they are other options apart from Cisco

Routers firewalls=Juniper
Switches=Extreme,Foundry
Telephony=3COM,Welltech,Adtran
SSL VPN =Sonicwall,Neoteris now Juniper
Wireless = Aruba Networks



0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17818495
I can't argue that there are many options, but the List price for Cisco ASA5505-50-K9 bundle is only $895 USD. Street prices around $650-700. Fully featured, 50 user license. Extended support contract is $100/year

I specialize in Cisco products and PIX/ASA, so my hands-on experience with other products is very limited. Therefore, I can't argue the merits of other products, so I welcome Tim's experience.

You  just have to go with what makes you-the end user- comfortable with the price you pay, the product itself, the service you get, and your own skill sets and comfort level with new technologies.



0
 
LVL 9

Expert Comment

by:tim1731
ID: 17818542
Hi Irmore,

In the UK it hard to get Cisco kit at anything like that price unless your a Cisco Silver partner but I will agree that their are times when Cisco is best (IE if using the Cisco Telephony) and the ASA is much more user friendy now.

The point I was trying to make was there is life outside of Cisco (They do make nice phones though)

Cheers

Tim
0
 
LVL 11

Assisted Solution

by:prueconsulting
prueconsulting earned 125 total points
ID: 17819181
Sonicwall makes a nice "user friendly" product as well for the non engineer types.. although i prefer the cisco product offerings if budget allows
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now