Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 379
  • Last Modified:

Need recommendations for a hardware firewall product for a Windows Server/DNS/IIS installion, recommendations?

I'm setting up/fixing a network that includes DNS and domain controllers, AD, SQL Server database servers, STMP, and IIS services. My understanding is that one right way to do this is to put the Domain Controllers and database servers behind a hardware firewall and have their communications limited to a local subnet and/or trusted IPs. The load-balanced IIS gear will be exposed to the Internet.

I need three recommendations for hardware firewall products that will work for these needs, with an emphasis on a) doing what I need them to do and b) not being a total pain to work with.  I'd like to hear:

a) the el-cheapo option. What's the cheapest reasonable solution?
b) a decent midrange solution
c) the "correct" device for my needs

If you can explain briefly why you prefer one thing or another, that would be great. Thanks.  
0
kennethfine
Asked:
kennethfine
3 Solutions
 
Casey HermanCommented:
a)m0n0wall built on pc platform - takes and old/reliable pc and creates a decent firewall - software is free
b)plastic linksys firewall router ... example:  wrt54g

c) cisco pix - expensive but rock solid - can be difficult to set up some times.

Just MHO though

Casey
0
 
Andres PeralesCommented:
Mostly free - you just need a low end pc - smoothwall --http://www.smoothwall.org/
midrange - Microsoft ISA Server
high - enterprise level cisco PIX or better ASA 55XX security appliance.
0
 
kennethfineAuthor Commented:
Thanks. I'm really looking for hardware: something simple, and reliable, just as a means of closing my DCs and SQL Server database systems off from the general internet. I have a sofware-based application firewall that seems to meet many of my needs for my webs. I don't want to set up and maintain another server system beyond the servers I have going already.

casedog21 is closest to the mark so far, but ideally somebody can recommend simple effective things that they've used before.

thx
0
 
wingateslCommented:
El Cheapo -     Linksys router -  you get what you pay for or Dlink, netgear etc..

midrange - Cisco ASA 5505 or Cisco 871 Router - about the same price and can do basically the same things. The router will give you more flexibility the ASA is a basic firewall

Higher end - Cisco ASA 5510 or Cisco 2800 series router - Higher performing devices with failover capabilities, VPN acceleration.

The mid and high end products Start around $400 and get up over $3000 . The Routers can use CBAC or zone based firewalls and perform well. They also give the most features. I should also not that the 871 router can be used for failover internet connectivity as well and you can get them for ~400. Super easy to configure when you get started and grows into a religion (obviously)
0
 
WianSCommented:
El Cheapo you can look at pfSense. The website is http://www.pfsense.com/
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now