Which Low Cost Hardware Firewall is good for Windows Server 2008 R2 Machine
Hi, EE,
I want a Low Cost Hardware Firewall Under $100 ~ 120,
i want to secure my ERP Application which is running under Apache, MySQL, and built with Adobe Flex, Basically This ERP is Running on a Single Static IP Address which is further binded with the Free Hosts Service of DynDNS.Org, I have Directly Connected the RJ-45 to my Onboard NIC and Configured the Server.
eg:
http://tiny.cc/MyERP >>>>> URL Shortened
MyERP.dyndns.org >>>>> HOST Service at DynDNS.org
http://121.131.141.151:8080/MyERP >>>>> which further Resolves to 121.131.141.151:8080
So, i want to secure my Server 2008 which is running on a Static IP... with ability of Logs Service
Solutions Other than "Hardware FireWall" are Highly Appreciated.
e.g.
HTTPS Encryption,
How to Implement Free SSL Certificates under Apaphe in WS 2008 R2
Please Guide me how to implement the Security in my ERP Server.
i am advanced user able to implement the given solutions By EE Members.
I want a Low Cost Hardware Firewall Under $100 ~ 120,
i want to secure my ERP Application which is running under Apache, MySQL, and built with Adobe Flex, Basically This ERP is Running on a Single Static IP Address which is further binded with the Free Hosts Service of DynDNS.Org, I have Directly Connected the RJ-45 to my Onboard NIC and Configured the Server.
eg:
http://tiny.cc/MyERP >>>>> URL Shortened
MyERP.dyndns.org >>>>> HOST Service at DynDNS.org
http://121.131.141.151:8080/MyERP >>>>> which further Resolves to 121.131.141.151:8080
So, i want to secure my Server 2008 which is running on a Static IP... with ability of Logs Service
Solutions Other than "Hardware FireWall" are Highly Appreciated.
e.g.
HTTPS Encryption,
How to Implement Free SSL Certificates under Apaphe in WS 2008 R2
Please Guide me how to implement the Security in my ERP Server.
i am advanced user able to implement the given solutions By EE Members.
I seriously doubt you will find anything man enough for the job at $120 or less.
If you've got an old PC hanging around with a couple of network cards you could set up your own firewall:
http://www.informationweek.com/news/hardware/showArticle.jhtml?articleID=197001131
If you've got an old PC hanging around with a couple of network cards you could set up your own firewall:
http://www.informationweek.com/news/hardware/showArticle.jhtml?articleID=197001131
The box I noted above is under $200 and is a very robust device that works well. ... Thinkpads_User
The Linksys offers basic firewall functionality, but is not robust enough that any auditing agency would accept it. If you are subject to GLBA, HIPAA, SOX or Federal reserve auditing, they would likely reject a low end firewall like that. If those don;t apply to you,m then the Linksys could be a good choice. Don't use a software firewall, an appliance is much better for many reasons.
I agree with sstone55423.
You're looking at probably over $500 for anything close to what is needed.
Me personally,...anything worth buying is going to be over $1200.00 to maybe $1500.00, and up.
I make no distinction between software and hardware. They are all software that runs on an OS that run on hardware. If you have a "hardware" firewall and call support for it they are going to ask you what version of OS it is running (the firmware),..which is just software. Now that hard drives can be purchased as a solid-state unit even that becomes an irrelevant difference now. Tthe best firewall on the market IMO right now (everyone has opinions) is MS's Forefront TMG (formerly ISA) and it can be purchased in both a "hardware" and a "software" platform. I'm not telling you to go out and buy that one,...I'm just giving it as an example to make a point.
You're looking at probably over $500 for anything close to what is needed.
Me personally,...anything worth buying is going to be over $1200.00 to maybe $1500.00, and up.
I make no distinction between software and hardware. They are all software that runs on an OS that run on hardware. If you have a "hardware" firewall and call support for it they are going to ask you what version of OS it is running (the firmware),..which is just software. Now that hard drives can be purchased as a solid-state unit even that becomes an irrelevant difference now. Tthe best firewall on the market IMO right now (everyone has opinions) is MS's Forefront TMG (formerly ISA) and it can be purchased in both a "hardware" and a "software" platform. I'm not telling you to go out and buy that one,...I'm just giving it as an example to make a point.
I would have to say that a used unit is not out of the question.
If you need to stay in the $100 range, you could easily get an older PIX or Netscreen 5GT appliance.
If you have a little "wiggle room" you could get yourself a newer, yet still used, FortiNet, Netscreen SSG or smaller ASA5505 appliance.
When picking a firewall you always need to have a clear idea of what it is going to do for you in your head. If all you need is NAT functionality, then the newest and best is vast overkill. If you need to protect your data and have VPN functionality, then you really need to look at an appliance that has the speed to handle threats in real time and is capable of supporting an IPSEC or SSL vpn.
If you need to stay in the $100 range, you could easily get an older PIX or Netscreen 5GT appliance.
If you have a little "wiggle room" you could get yourself a newer, yet still used, FortiNet, Netscreen SSG or smaller ASA5505 appliance.
When picking a firewall you always need to have a clear idea of what it is going to do for you in your head. If all you need is NAT functionality, then the newest and best is vast overkill. If you need to protect your data and have VPN functionality, then you really need to look at an appliance that has the speed to handle threats in real time and is capable of supporting an IPSEC or SSL vpn.
Netscreen Juniper units are excellent. I use them at clients. New, they are about $500, maybe a bit more, so I did not mention them. If you can get one used at a lower price as noted above, they are really good.
... Thinkpads_User
... Thinkpads_User
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As "myramu" indicates, an open source firewall will get the job done too.
I would recommend, from the ones listed, and unlisted, that you choose either Monowall, SmoothWall or Untangle (not listed).
Keep in mind you need to build this firewall and it is only as good as the hardware you put it on.
If you are able to purchase hardware, within your budget, I suggest a 1U rack mount server from SuperMicro (you can get them at Newegg.com or TigerDirect.com) or other vendors.
And, although you can get a certificate for free, you still need to modify your system (by adding the root certificate authority). So, unless you are farmiliar with that, I would say that spending the money for an already trusted CA would be best... especially if you are planning on using any handheld devices with the SSL/CA.
Anyway... that's my 2 cents... again I guess...
I would recommend, from the ones listed, and unlisted, that you choose either Monowall, SmoothWall or Untangle (not listed).
Keep in mind you need to build this firewall and it is only as good as the hardware you put it on.
If you are able to purchase hardware, within your budget, I suggest a 1U rack mount server from SuperMicro (you can get them at Newegg.com or TigerDirect.com) or other vendors.
And, although you can get a certificate for free, you still need to modify your system (by adding the root certificate authority). So, unless you are farmiliar with that, I would say that spending the money for an already trusted CA would be best... especially if you are planning on using any handheld devices with the SSL/CA.
Anyway... that's my 2 cents... again I guess...
BTW: You can get a 10 user Juniper Networks 5GT for under $50 on eBay.
>>> BTW: You can get a 10 user Juniper Networks 5GT for under $50 on eBay.
Yes, and a vastly better choice than a software firewall. It will save you time (= money). ... Thinkpads_User
Yes, and a vastly better choice than a software firewall. It will save you time (= money). ... Thinkpads_User
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I am still in busy implementing solutions.
No problem. We threw a lot of options at you :-)
ASKER
The Solution Doesnot Satisfy My Needs... but gave me a lot more options to Explore
Check this site out, it has a lot of useful information about Juniper Equipment:
http://shop.vds.com/manufacturer/1-juniper-networks.aspx
http://shop.vds.com/manufacturer/1-juniper-networks.aspx
... Thinkpads_User