We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Which Low Cost Hardware Firewall is good for Windows Server 2008 R2 Machine

Medium Priority
597 Views
Last Modified: 2012-05-11
Hi, EE,

I want a Low Cost Hardware Firewall Under $100 ~ 120,

i want to secure my ERP Application which is running under Apache, MySQL, and built with Adobe Flex, Basically This ERP is Running on a Single Static IP Address which is further binded with the Free Hosts Service of  DynDNS.Org, I have Directly Connected the RJ-45 to my Onboard NIC and Configured the Server.

eg:
http://tiny.cc/MyERP                    >>>>>    URL Shortened
MyERP.dyndns.org                     >>>>>    HOST Service at DynDNS.org
http://121.131.141.151:8080/MyERP   >>>>> which further Resolves to 121.131.141.151:8080

So, i want to secure my Server 2008 which is running on a Static IP... with ability of Logs Service

Solutions Other than "Hardware FireWall"  are Highly Appreciated.
e.g.
HTTPS Encryption,
How to Implement Free SSL Certificates under Apaphe in WS 2008 R2

Please Guide me how to implement the Security in my ERP Server.

i am advanced user able to implement the given solutions By EE Members.
Comment
Watch Question

JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Life is faster, easier, and (arguably) safer with a decent hardware firewall. It offloads your work to a simple device. A Cisco LinkSys RV042 is an inexpensive such device.  I would do this before maintaining a software firewall.
... Thinkpads_User
I seriously doubt you will find anything man enough for the job at $120 or less.

If you've got an old PC hanging around with a couple of network cards you could set up your own firewall:
http://www.informationweek.com/news/hardware/showArticle.jhtml?articleID=197001131
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
The box I noted above is under $200 and is a very robust device that works well. ... Thinkpads_User
The Linksys offers basic firewall functionality, but is not robust enough that any auditing agency would accept it. If you are subject to GLBA, HIPAA, SOX or Federal reserve auditing, they would likely reject a low end firewall like that.  If those don;t apply to you,m then the Linksys could be a good choice.  Don't use a software firewall, an appliance is much better for many reasons.
Most Valuable Expert 2011

Commented:
I agree with sstone55423.
You're looking at probably over $500 for anything close to what is needed.
Me personally,...anything worth buying is going to be over $1200.00 to maybe $1500.00, and up.

I make no distinction between software and hardware.  They are all software that runs on an OS that run on hardware.  If you have a "hardware" firewall and call support for it they are going to ask you what version of OS it is running (the firmware),..which is just software.  Now that hard drives can be purchased as a solid-state unit even that becomes an irrelevant difference now.  Tthe best firewall on the market IMO right now (everyone has opinions) is MS's Forefront TMG (formerly ISA) and it can be purchased in both a "hardware" and a "software" platform.  I'm not telling you to go out and buy that one,...I'm just giving it as an example to make a point.
Jeff MorlenNetwork Engineer

Commented:
I would have to say that a used unit is not out of the question.
If you need to stay in the $100 range, you could easily get an older PIX or Netscreen 5GT appliance.
If you have a little "wiggle room" you could get yourself a newer, yet still used, FortiNet, Netscreen SSG or smaller ASA5505 appliance.

When picking a firewall you always need to have a clear idea of what it is going to do for you in your head.  If all you need is NAT functionality, then the newest and best is vast overkill.  If you need to protect your data and have VPN functionality, then you really need to look at an appliance that has the speed to handle threats in real time and is capable of supporting an IPSEC or SSL vpn.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Netscreen Juniper units are excellent. I use them at clients. New, they are about $500, maybe a bit more, so I did not mention them. If you can get one used at a lower price as noted above, they are really good.

... Thinkpads_User
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Jeff MorlenNetwork Engineer

Commented:
As "myramu" indicates, an open source firewall will get the job done too.
I would recommend, from the ones listed, and unlisted, that you choose either Monowall, SmoothWall or Untangle (not listed).

Keep in mind you need to build this firewall and it is only as good as the hardware you put it on.
If you are able to purchase hardware, within your budget, I suggest a 1U rack mount server from SuperMicro (you can get them at Newegg.com or TigerDirect.com) or other vendors.

And, although you can get a certificate for free, you still need to modify your system (by adding the root certificate authority).  So, unless you are farmiliar with that, I would say that spending the money for an already trusted CA would be best... especially if you are planning on using any handheld devices with the SSL/CA.

Anyway... that's my 2 cents... again I guess...
Jeff MorlenNetwork Engineer

Commented:
BTW: You can get a 10 user Juniper Networks 5GT for under $50 on eBay.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
>>> BTW: You can get a 10 user Juniper Networks 5GT for under $50 on eBay.

Yes, and a vastly better choice than a software firewall. It will save you time (= money). ... Thinkpads_User
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Pratik ParmarECommerce Manager

Author

Commented:
I am still in busy implementing solutions.
Most Valuable Expert 2011

Commented:
No problem.  We threw a lot of options at you :-)
Pratik ParmarECommerce Manager

Author

Commented:
The Solution Doesnot Satisfy My Needs... but gave me a lot more options to Explore

Commented:
Check this site out, it has a lot of useful information about Juniper Equipment:

http://shop.vds.com/manufacturer/1-juniper-networks.aspx

Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.