• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 517
  • Last Modified:

SOHO Network Secutiry ? Basic Guide lines

Hello ,
Last days i am working on building up a more secure office network.
I Already bought a cisco catalys 2950 so we can have vlan control, port protection and other cisco goodies !
Now my question lies over the Perimeter and IDS, What should i get ? Should i trust a linux package like IPCOP with Snort  ? Or should i build my own rules with tables ?
Should i get a cisco pix ( used one ) or a Firebox 550e ?
We have a very small office ( 10 workers max ) , but we are very worried about network intrusion.
What is the "MUST GET" for this scenario ?
I really want some Good Layer 2 / 3 security with cisco 2950 , plus an IDS and Firewall , that we can really trust !
Thanks, may be you can help us deciding !
0
netwhw
Asked:
netwhw
  • 3
  • 2
1 Solution
 
ccsistaffCommented:
The Cisco ASA and IOS Router with the Firewall Feature Set will give you IPS and Firewalling features.  The ASA 5505 is the smaller unit designed for small branch offices.  The ASA line was designed as a combination unit whereby Cisco incorporated their firewall, IPS, and VPN Concentrator in one unit.  

The SonicWALL TZ series has these features too.  The TZ-180 or TZ-190 would probably be a good fit for you.

Each of these options work well to push logs to an external Syslog source.  

IPS/IDS will cost you a yearly subscription fee no matter what your choice is.

An open source solution will probably work for you but the support is often less than helpful.  
0
 
netwhwAuthor Commented:
Do you think i shouldnt even consider IPCOP or such linux based appliances ?
0
 
ccsistaffCommented:
Absolutely consider them.  But think about the big picture as well.  What kind of support are you going to get when and if you need it.  Cisco and SonicWALL support is excellent.  With IPCOP or other Linux based solution, you're likely to be surfing forums for hours if you have a problem.  My personal preference is to get equipment that I know has good support for upgrades and incidents.
0
 
netwhwAuthor Commented:
Yes, its surelly better to have support from those guys, i searched i will probably go with the basic sonic wall, great ids, great performance and price !
0
 
netwhwAuthor Commented:
Great tip about sonicwall, worth the points !
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now