Solved

Firewall for Web Server

Posted on 2013-01-08
4
356 Views
Last Modified: 2013-02-18
I looking for an inexpensive firewall.. That will run on Windows 2008 R2 Web server... I need to stay outside my ISA 2006 firewall (my internal network)... I like to have something better than just the Windows firewall thats on the there... Like to see activity, intrusion etc... And possible anti-virus (inexpensive) server based...
0
Comment
Question by:Clint Jones
  • 2
4 Comments
 
LVL 13

Expert Comment

by:upalakshitha
ID: 38757458
Do you like to play with kaspersky which has a great firewall in new version for servers called small office security 2 (KOSS2). Not sure price will match you. There are all things you need
If you go with it do not check price in website, check with authorized dealer in your country area
0
 
LVL 5

Expert Comment

by:Harsem
ID: 38798221
Hello,

Windows firewall can be configured to log all activity. YOu can manage this via group policy and replicate these settings to all of your domain. I have used this multiple times before in various offices and Datacentres.

A Firewall cannot log intrusions, it can only log what has been allowed and/or what has been denied.

I like the Windows Firewall as it can intregrate tightly with the applicaiton, so rather than saying "Allow TCP 80 inbound" you can state this that TCP 80 inbound has to be available to WebServer.exe (or whatever web server software you use).

For Anti-Virus you can use Microsoft's own - as I personally don't like any that are out there. All the majors seem to be signature based, and if you go for heuristics or "advanced Threat Prevention" they tend to eat CPU like nothing else.

Side note: YOu can go a lot further and start using Software Restriction Policies in Windows which are more tedious to set up - but give great protection.


Jens
0
 
LVL 4

Expert Comment

by:Ben Vrijsen
ID: 38884236
Have a look at Astaro! (recently taken over by Sophos)
You can get it as a complete package (hardware & software) or as only software.  (The only thing you then is get a pc with 2 nics and enough RAM in it)
Astaro also has "home" editions available.  This is the complete package, but limited to about 50 IP's on the LAN side.
It's a really appliance with very nice reporting tools.
0
 
LVL 5

Accepted Solution

by:
Harsem earned 500 total points
ID: 38885349
Hello,

one little follow-up post. You can also purchase Intrusion Detection/Prevention Mudules for Cisco ASA Firewalls making this a Firewall + IPS. But this is Cisco - and they charge quite a bit for this. I won't go into what IPS is better than the other, but there are a lot of good resources out there.

You wil lalso find that some IPS vendors are now starting to include Firewall capabilities in their products (such as SourceFire). Further, F5 is now also offering Firewall capabilities, and they also have good application level monitoring. Just a matter of what features you want and how much money you want to spend.

Jens
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question