Results 1 to 9 of 9

Thread: Help -- Help me select the right hardware firewall

  1. #1
    Junior Member
    Join Date
    Jun 2005
    Posts
    6

    Help -- Help me select the right hardware firewall

    I have two servers, which are collocated at an ISP. One is a production server with email and an extranet and the other is a backup - development server. There are no client workstations, just the two servers, which are accessed via the internet.

    There are obviously a number of experts here. What would you recommend as the most cost effective solution?

    What is your opinion of the Fortigate 60, which is what we are considering purchasing?

    Thanks in advance.

    Linda

  2. #2
    Senior Member
    Join Date
    Mar 2003
    Posts
    245
    You'll have to forgive me LindaHewitt, i've had too many beers with dinner and am a little confused about what you are asking.

    If you are looking for cost effective X86 server hardware, I would personally recommend the Dell PowerEdge 2850. I've had very good luck with them, and they are easy to rack and configure. The rails are a breeze, something I wish I could say for the 4 Sun V440's I just racked yesterday!

    http://www1.us.dell.com/content/prod...=04&l=en&s=bsd

    The Fortigate 60 is a hardware firewall solution no? For firewalls/content management I would recommend the best Cisco PIX firewalls you can afford. Sure they have problems, but all hardware firewalls do, and the support (including Perl scripts/modules) is the best on PIX. Content management, I would point you to BlueCoat from EdgeBlue.

    -- spurious
    Get OpenSolaris http://www.opensolaris.org/

  3. #3
    Junior Member
    Join Date
    Jun 2005
    Posts
    6
    My post is about hardware firewall and obtaining recommendations. Since we are a non-profit and cost is an issue, I think that the Cisco PIX are best suited for networks, as opposed to your situation.

    The applicable Cisco PIX is substantially more expensive than the Fortigate 60.

    I would really like to get some feedback on Fortigate hardware firewalls, especially on the anti-virus, which is included with the firewall.

    Cheers,

    Linda

  4. #4
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Off the top here I'd say the Fortigate isn't right for your situation. It has a good deal of functionality that is not appropriate, as it is designed more to protect a small network of client systems.

    What specifically are your requirements? What kind of filtering do you need, what level of traffic, what level of assurance, what price, what talent do you have on hand to install/maintain, what life-cycle requirements?

    These answers will allow a much better answer than whatever our pet firewalls (Sidewinder G2) may be.

    cheers,

    catch

  5. #5
    Junior Member
    Join Date
    Jun 2005
    Posts
    6
    Catch,

    What functionality do you not deem appropriate?

    Linda

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Since your servers are at your ISP can they not provide the filtering you need?
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    Junior Member
    Join Date
    Jun 2005
    Posts
    6
    The ISP does not provide any security at all. The only service that they provide is a ping service to validate that the servers are online.

    We are running email server software and we are in the process of deploying Windows SharePoint Services 2003 and later Sharepoint Portal Server 2003 as an extranet. Needless to say, we are also running Windows Server 2003 and SQL Server 2000.

    There are 400 members set up in active directory and we are also going to all read-only access to the public sites, when visitors register.

    The prices for getting anti-virus server software for 400 email runs between $1,000 and $2,000. We need a firewall, which can protect both servers and filter antivirus and do intrusion detection.

    The Fortigate 60 is ISCA certified in 4 areas and they appear to have substantial expertise in terms of the anti-virus componet of the firewall.

    What I am trying to determine is whether or not there are any gotchas pertaining to the Fortigate 60 or if there are better alternatives, which will are more cost effective in meeting our needs.

    Cheers,

    Linda

  8. #8
    If you want probably the cheapest piece of junk around... Netgear FR114P, hands down, enought said. But from the sounds of things you just want a network antiviral "solution".

  9. #9
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    /me hugs my WatchGuard.

    VPN, Email filtering, executable blocking, DMZ..... All in a pretty red box....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •