Hardware Firewalls

23K

Solutions

10

Articles & Videos

20K

Contributors

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello Experts,

Would it be possible for someone to explain to me how a satellite server for updates work, whether it is patching or definitions?  Here's what I'm trying to understand:

The use case applies to remote users who don't connect via a VPN on a regular basis.  Is there a way to push the patch or new virus definition out if the user is not on the VPN? I don't think it matters what application is being used, for example, Altiris for patching, TrendMicro/Sophos, etc. for virus definition, etc.

I have heard of using a satellite server for this use case and need to understand how it works.

Thank you,
Steph M
0
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

I'm in the market for a new router.  I want a hardware DMZ.  I currently have a NetGear ProSafe FVS338, which is fine except for it lacks a hardware DMZ.
I do not need VPN support.
The other feature I'm interested in is ease of setup.  It doesn't need to be dummy-proof (i.e.  I don't want a "wizard" to do the setup for me).   I just don't want to deal with configuration like what's required for a SonicWall, with a completely un-intuitive UI and setup.
And no bells and whistles that require subscriptions / fees, por favor.

Please only post responses based on your personal experience.  I can Google for routers on my own time... looking for actual real-life recommendation here.
0
My colleague was trying to configure the ASA firewall's management IP but somehow the prompt went and said that the wizard will factory reset the whole ASA firewall, is there anyway to recover back the configuration?

He did not backup but the firewall is left running and never turned off.
0
Dear Experts,

Does anyone know how to configure the default gateway for the Management Interface?
0
We have a Barracuda spam/Firewall 300 here that's got about 30,000 blocked/deferred messages in the outbound queue that I need to get deleted. I can't even bring up the outbound queue in queue management. I spent over an hour with Support and they cant connect with the guy couldn't figure out how to connect with it....that's a different issue. How can I clear these out? Its killing our mail throughput?? I know its got SSH but I can't connect to it. I'm not local to the system but I've got full admin rights. I cant even pull the export out of it.
0
In a Palo Alto networks firewall, how can you see which member of an HA pair is Active?
0
We currently have a Dell Sonic Firewall that is our firewall as well as our company router.  This is our main router for all of our sites in the company.  We have 16.  We implemented through our EMR (Electronic Medical Records) software an upload to a billing company.  They in turn configure and print bills and send them out to our customers.  This has worked fine for over two years.  When this was implemented, we were not required to make any firewall changes at all.

A week ago, the user doing this procedure received an error that the file could not be uploaded.  She called the EMR company, who in their effort to troubleshoot the problem, changed the upload method from ftp to sftp.  She then tried to upload and she got an additional error that port 22 was unable to send.  Seeing that error, the EMR said that the problem has to do with our firewall.  I spoke with the billing company who tried to do a trace route to our external IP.  They were unsuccessful, but I was able to do a trace route to them.  The only caveat is that the user can do this procedure from home with no problem.

I am willing to make firewall changes if necessary, I just don't know what they would be or why it is necessary now, if no one has made any changes other than the upload method from ftp to sftp.

Please help.  I am desperate.
0
The VPN Connection has been giving us issues the last 2 days.
When connected, we are able to access the shared folder and edit/add/delete files. Sometimes an error comes up that says: There is a problem accessing \\servername\SharedFolder.
This has only been happening when using the VPN connection. This error will display a few times and will go away but will come back. I have been pinging the server at the same time as the error so I don't think the server is losing connection.

Any help is appreciated.
0
I have been seeing quite a bit of traffic attempts from a specific ip address to access the above described firewall
how can I block this specific ip address without just blocking all?
0
Hi, we are preparing the rules for Zone-based Policy Firewall on Router c3925, however we need to confirm which traffic usually pass through a router, so that the rule will not block/allow any useful/bad traffic. So can we have a method to see it?

Is there a way other than: "show ip cache flow", "sh ip traffic" ?  

Many thanks in advance,
0
Are Your IoT Devices Out to Get You?
Are Your IoT Devices Out to Get You?

IoT business is booming, with manufacturers connecting any and every “thing” to the Internet. But as pressure grows to release new products faster and faster, we’re all left to wonder: is security a priority? Join our webinar on June 29th for the answer.

Need to create a read-only accounts for users to access the ASA with ASDM.

In order to do this, I need to enable AAA authentication.  Currently I have other local accounts the ASA. Will enabling AAA authentication affect those accounts?

Thank you.
0
Hi, we are having Router Cisco 3925 between LAN and WAN, however it seems like the money is required for AnyConnect VPN on Cisco 3925. We found that pfSense (Free) can be deployed to serve VPN connections however we need to understand its pros and cons.
-So can anyone explain please?
-Should we deploy it or purchase license for AnyConnect?
-Do you know any free Cisco VPN solution that we can configure inside our C3925?

Our priority is:
- Compatible with current environment with minimum impacts to about 400 users
- Easy to configure and troubleshoot
- Price  

Many thanks in advance,
0
Any idea how to block a external IP  / range of IP in Fortigate 100D /

Thx
0
I have a new customer the VPN going straight to the customer was working fine with Comcast crappy router, I install a pfsense and created a rule under nat for VPN, setup server with a static IP etc. somehow this does not work. any help greatly appreciated
0
Hi,

Having an issue with Fortigate 60D using IPsec vpn and 2FA (FortiToken or email).

Vpn is configured for split tunnel.
When dialing the vpn using the FortiClient, I'm asked for username and password.
After supplying the credentials I'm asked for the FortiToken code (or code sent by email).
The problem is that from the moment it asks for the 2FA code and until I supply it, all networks are disconnected in the dialing computer,
and are restored only after supplying the code.
Is this a normal behavior or something wrong in my config ?


Thanks.
0
hi I need some assistance setting up the wan on a new pfsense appliance, I followed the instructions somehow I still can't browse.
how do I setup the wan on this, most tutorials show an older version of pfsense and honestly I'm a total noob on pfsense.
0
HI I am kind of new to this of sense firewall, I have the latest release, my question is about the subnetting for 255.255.255.252 I have to use /30 if I'm not mistaking. also if I'm setting up a VPN server inside the network were do I open ports for this. I look into the nat and configure some things there but I can't be sure.
0
I am going to setup a new PFSense firewall. There are few pieces of equipment on the network that I don't want to have to pay for public facing static IP's for, but I would like to open ports up so they are publicly available to the maintenance people when they are offsite. How do I go about containing those IP's so they can only see out to the internet and not internal to the network in case those pieces of equipment were to be compromise?
0
Hi, I am testing the Cisco ASA 5505 and just wondering whether if this model can support "Router in a stick"?

Moreover, I tried to setup it, details as below:

(different) VLAN users <---> Access Switches <---> Core Switch cisco2960 <-- router on a stick --> Router cisco1941 <---> ASA5505 <---> ISP router

I would like to know if we can setup so that VLANs users can reach the ISP router (Internet) through ASA5505, and what are the requirements to do that?

I created an extended ACL on router, NAT overload it via an interface which connect to ASA, then create an object and define that interface's subnet on ASA. But only router can ping ISP through ASA, not the users. Please can you help?
0
Independent Software Vendors: We Want Your Opinion
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

hi experts,

 how do i open port 22 tcp on a sonic firewall?
0
Dear Experts,

I have configured two Fortigates 100D using the ha1 and ha2 interfaces.

Is there a cluster IP address settings to access the active fortigate, so that the client does not have to go to the mgmt interface of each fortigate to check which is the Master?
0
Hi All,

Is it possible to block a particular file, for eg a  malicious pdf, based on its Sha-256/Md5 hash value , from the firewall?

Regards,
T
0
give me configuration of this topology
IMG_20170527_111506109.jpg
0
Hey Experts,

I am a beginner at Juniper SRX.  I have configured my Juniper SRX100 router with the following settings and still having trouble getting out to the Internet.  I need your assistance!  Thanks.

My router config:



[edit]
root@SRX100# show
## Last changed: 2017-05-26 13:41:37 UTC
version 12.1X44-D30.4;
system {
    host-name SRX100;
    root-authentication {
        encrypted-password "$1$l2iSs/4c$M1wAiWytK07./h7YErtOz/"; ## SECRET-DATA
    }
    name-server {
        192.168.1.1;
    }
    login {
        user admin {
            uid 2001;
            class super-user;
        }
    }
    services {
        ssh {
            root-login allow;
        }
        web-management {
            https {
                system-generated-certificate;
            }
        }
        dhcp {
            pool 172.16.73.0/24 {
                address-range low 172.16.73.100 high 172.16.73.150;
                default-lease-time 3600;
                name-server {
                    192.168.1.1;
                }
                router {
                    172.16.73.1;
                }
            }
        }
    }
}
interfaces {
    fe-0/0/0 {
        unit 0 {
            family inet {
                address 192.168.117.80/24;
            }
        }
    }
    fe-0/0/1 {
        unit 0 {
            family inet {
                address 172.16.73.1/24;
            }
        }
    }
}
routing-options {
    …
0
The SSL Certificate for Mobile VPN users is expiring on the firewall and I need to renew the certificate and get it replaced.  I don't have much experience with the GAIA operating system or Linux based systems.  I have CP sk69660 but do not know where the files they reference are located on the system.
0

Hardware Firewalls

23K

Solutions

10

Articles & Videos

20K

Contributors

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.