Solved

Firewall for Web Server

Posted on 2013-01-08
4
353 Views
Last Modified: 2013-02-18
I looking for an inexpensive firewall.. That will run on Windows 2008 R2 Web server... I need to stay outside my ISA 2006 firewall (my internal network)... I like to have something better than just the Windows firewall thats on the there... Like to see activity, intrusion etc... And possible anti-virus (inexpensive) server based...
0
Comment
Question by:Clint Jones
  • 2
4 Comments
 
LVL 13

Expert Comment

by:upalakshitha
ID: 38757458
Do you like to play with kaspersky which has a great firewall in new version for servers called small office security 2 (KOSS2). Not sure price will match you. There are all things you need
If you go with it do not check price in website, check with authorized dealer in your country area
0
 
LVL 5

Expert Comment

by:Harsem
ID: 38798221
Hello,

Windows firewall can be configured to log all activity. YOu can manage this via group policy and replicate these settings to all of your domain. I have used this multiple times before in various offices and Datacentres.

A Firewall cannot log intrusions, it can only log what has been allowed and/or what has been denied.

I like the Windows Firewall as it can intregrate tightly with the applicaiton, so rather than saying "Allow TCP 80 inbound" you can state this that TCP 80 inbound has to be available to WebServer.exe (or whatever web server software you use).

For Anti-Virus you can use Microsoft's own - as I personally don't like any that are out there. All the majors seem to be signature based, and if you go for heuristics or "advanced Threat Prevention" they tend to eat CPU like nothing else.

Side note: YOu can go a lot further and start using Software Restriction Policies in Windows which are more tedious to set up - but give great protection.


Jens
0
 
LVL 4

Expert Comment

by:Ben Vrijsen
ID: 38884236
Have a look at Astaro! (recently taken over by Sophos)
You can get it as a complete package (hardware & software) or as only software.  (The only thing you then is get a pc with 2 nics and enough RAM in it)
Astaro also has "home" editions available.  This is the complete package, but limited to about 50 IP's on the LAN side.
It's a really appliance with very nice reporting tools.
0
 
LVL 5

Accepted Solution

by:
Harsem earned 500 total points
ID: 38885349
Hello,

one little follow-up post. You can also purchase Intrusion Detection/Prevention Mudules for Cisco ASA Firewalls making this a Firewall + IPS. But this is Cisco - and they charge quite a bit for this. I won't go into what IPS is better than the other, but there are a lot of good resources out there.

You wil lalso find that some IPS vendors are now starting to include Firewall capabilities in their products (such as SourceFire). Further, F5 is now also offering Firewall capabilities, and they also have good application level monitoring. Just a matter of what features you want and how much money you want to spend.

Jens
0

Featured Post

Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

Join & Write a Comment

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now