?
Solved

Firewall for Web Server

Posted on 2013-01-08
4
Medium Priority
?
360 Views
Last Modified: 2013-02-18
I looking for an inexpensive firewall.. That will run on Windows 2008 R2 Web server... I need to stay outside my ISA 2006 firewall (my internal network)... I like to have something better than just the Windows firewall thats on the there... Like to see activity, intrusion etc... And possible anti-virus (inexpensive) server based...
0
Comment
Question by:Clint Jones
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Expert Comment

by:upalakshitha
ID: 38757458
Do you like to play with kaspersky which has a great firewall in new version for servers called small office security 2 (KOSS2). Not sure price will match you. There are all things you need
If you go with it do not check price in website, check with authorized dealer in your country area
0
 
LVL 5

Expert Comment

by:Harsem
ID: 38798221
Hello,

Windows firewall can be configured to log all activity. YOu can manage this via group policy and replicate these settings to all of your domain. I have used this multiple times before in various offices and Datacentres.

A Firewall cannot log intrusions, it can only log what has been allowed and/or what has been denied.

I like the Windows Firewall as it can intregrate tightly with the applicaiton, so rather than saying "Allow TCP 80 inbound" you can state this that TCP 80 inbound has to be available to WebServer.exe (or whatever web server software you use).

For Anti-Virus you can use Microsoft's own - as I personally don't like any that are out there. All the majors seem to be signature based, and if you go for heuristics or "advanced Threat Prevention" they tend to eat CPU like nothing else.

Side note: YOu can go a lot further and start using Software Restriction Policies in Windows which are more tedious to set up - but give great protection.


Jens
0
 
LVL 4

Expert Comment

by:Ben Vrijsen
ID: 38884236
Have a look at Astaro! (recently taken over by Sophos)
You can get it as a complete package (hardware & software) or as only software.  (The only thing you then is get a pc with 2 nics and enough RAM in it)
Astaro also has "home" editions available.  This is the complete package, but limited to about 50 IP's on the LAN side.
It's a really appliance with very nice reporting tools.
0
 
LVL 5

Accepted Solution

by:
Harsem earned 2000 total points
ID: 38885349
Hello,

one little follow-up post. You can also purchase Intrusion Detection/Prevention Mudules for Cisco ASA Firewalls making this a Firewall + IPS. But this is Cisco - and they charge quite a bit for this. I won't go into what IPS is better than the other, but there are a lot of good resources out there.

You wil lalso find that some IPS vendors are now starting to include Firewall capabilities in their products (such as SourceFire). Further, F5 is now also offering Firewall capabilities, and they also have good application level monitoring. Just a matter of what features you want and how much money you want to spend.

Jens
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Suggested Courses
Course of the Month11 days, 20 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question