Solved

Firewall for Web Server

Posted on 2013-01-08
4
357 Views
Last Modified: 2013-02-18
I looking for an inexpensive firewall.. That will run on Windows 2008 R2 Web server... I need to stay outside my ISA 2006 firewall (my internal network)... I like to have something better than just the Windows firewall thats on the there... Like to see activity, intrusion etc... And possible anti-virus (inexpensive) server based...
0
Comment
Question by:Clint Jones
  • 2
4 Comments
 
LVL 13

Expert Comment

by:upalakshitha
ID: 38757458
Do you like to play with kaspersky which has a great firewall in new version for servers called small office security 2 (KOSS2). Not sure price will match you. There are all things you need
If you go with it do not check price in website, check with authorized dealer in your country area
0
 
LVL 5

Expert Comment

by:Harsem
ID: 38798221
Hello,

Windows firewall can be configured to log all activity. YOu can manage this via group policy and replicate these settings to all of your domain. I have used this multiple times before in various offices and Datacentres.

A Firewall cannot log intrusions, it can only log what has been allowed and/or what has been denied.

I like the Windows Firewall as it can intregrate tightly with the applicaiton, so rather than saying "Allow TCP 80 inbound" you can state this that TCP 80 inbound has to be available to WebServer.exe (or whatever web server software you use).

For Anti-Virus you can use Microsoft's own - as I personally don't like any that are out there. All the majors seem to be signature based, and if you go for heuristics or "advanced Threat Prevention" they tend to eat CPU like nothing else.

Side note: YOu can go a lot further and start using Software Restriction Policies in Windows which are more tedious to set up - but give great protection.


Jens
0
 
LVL 4

Expert Comment

by:Ben Vrijsen
ID: 38884236
Have a look at Astaro! (recently taken over by Sophos)
You can get it as a complete package (hardware & software) or as only software.  (The only thing you then is get a pc with 2 nics and enough RAM in it)
Astaro also has "home" editions available.  This is the complete package, but limited to about 50 IP's on the LAN side.
It's a really appliance with very nice reporting tools.
0
 
LVL 5

Accepted Solution

by:
Harsem earned 500 total points
ID: 38885349
Hello,

one little follow-up post. You can also purchase Intrusion Detection/Prevention Mudules for Cisco ASA Firewalls making this a Firewall + IPS. But this is Cisco - and they charge quite a bit for this. I won't go into what IPS is better than the other, but there are a lot of good resources out there.

You wil lalso find that some IPS vendors are now starting to include Firewall capabilities in their products (such as SourceFire). Further, F5 is now also offering Firewall capabilities, and they also have good application level monitoring. Just a matter of what features you want and how much money you want to spend.

Jens
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question