?
Solved

Securing traffic to Internet..

Posted on 2008-06-21
7
Medium Priority
?
251 Views
Last Modified: 2013-12-14
Hi,
I have 20 PCs winxp all,  connected to the internet...I am planning to put a firewall or a security system to manage them and to log the traffic from them to outside...and I want to protect them from spams, worms, viruses and attacks.
somebody recommend me to use Juniper firewall?
any help will be appreciated,,,
0
Comment
Question by:besmile4ever
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 33

Expert Comment

by:CarlWarner
ID: 21837792
>> I want to protect them from spams, worms, viruses and attacks.

Do those 20 WinXP PCs have some kind of anti-virus software on them.   Even with a firewall, it's best to have anti-virus software installed to detect viruses, worms, and trojan horse programs.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 21837816
"...log the traffic from them to outside" - that's very ambitous...if you are to protect content on the clients from being sent to the internet, you should think about solutions like clearswift's mimesweeper or finjan's content control. Those products inspect the content for keywords in the metadata (like "company confidential" or "nato restricted" or whatever) and prevent such data from reaching the internet.

For the other requirements (protection against worms, viruses and spam), you will have to give a detailed setup of how they connect to the internet and what e-mailing solution (client and server) is used.
0
 
LVL 32

Accepted Solution

by:
r-k earned 900 total points
ID: 21837877
Good suggestions above. Your requirements are broad and ambitious, and a lot depends on what you're trying to protect. For example, if you're working for a bank then it's different than for a school. You will want to approach this in multiple ways, i.e. a firewall and anti-virus are both important, but only as part of an overall plan that includes other elements.

It would help if you told us what was most important (e.g. is this a high-security site like a bank, or do you just want to make sure employees are not wasting time).

Some things you definitely want to consider are: (a) Backups (b) User Education (c) Security updates and scanning (d) Firewall (e) AV and anti-malware software (f) configuring the PC's for least-privilege etc. If this is a high-security requirement you should look at encryption. Don't forget to enable the firewall on individual PC's. You need both and AV and an anti-malware program, but don't install more than one of each. To protect from spam you'll want a good anti-spam filter, a lot depends on what you're using for your mail server.

User education is very important because there are a lot of "phishing" or social engineering type threats that get around all barriers you may put in place. This should include explaining to users about how to tell the difference between a real email and a fake email, why they should not install or download "free" things, how to browse the web safely, how to know when something is not working right, etc.

Finally, regular backups will save the day when all else fails.
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 32

Expert Comment

by:r-k
ID: 21837895
I should have added:

A lot comes down to your own vigilance, and that of your users.
No point having a backup plan if you forgot to make sure it is running every night.
No point having a firewall that is not configured properly.
No point having AV software if you forgot to update it every week.
And so on.
In other words, it is more of an ongoing process than a one-time fix.
0
 

Author Comment

by:besmile4ever
ID: 21838221
Thnx to U all..
CarlWarner: Yep they are having their ona ntivirus&but I am still suffering from the spams and worms&and I am planning to use kaspersky but I want to build a management system to mange them.
McKnife: they are connected in avery simple way..all of them to one switch that is connected to a dsl modem..and each of them is using a Microsoft express mail to get themails from our side throught the pop and smtp mails.
I want to scan the mails and know the income and ou going traffic..analyze them..and allowing and denying some traffic based on our needs.
r-k: we are a amall trading company using mails to procees our works.
I want to manage my Network by building a complete security system..your sound is excellent&
Ok can U guide me to the best firwall that I can use to protect my network and how it can be implemented?
Thnx to u all.

0
 
LVL 10

Assisted Solution

by:dragonjim
dragonjim earned 600 total points
ID: 21838375
Take a look at www.questeq.com/cymphonix

I've yet to deploy or even request a trial box, but it might HELP you.
Again, this is PART of a LARGER plan, it is not a solve-all.
0
 
LVL 10

Expert Comment

by:dragonjim
ID: 21838379
Sorry about that... old information sitting on my desk from when I first contacted them:

New site's URL: http://www.questeq.com/html/cymphonix.html
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month14 days, 1 hour left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question