|
-
May 3rd, 2004, 04:23 AM
#1
Which firewall?
Hey guys, I need your opinion on a firewall.
heres my setup
Satelite modem - 24 port cisco switch - users
Now its to the point where we need to have a decent firewall in place to keep our network secure. I need something that will be able to route traffic from the switch to the satellite modem for internet access, and be able to keep our financial data on the network secure.
our price range is up to $500
so after the firewall is in place, this is what it would look like
Satellite modem - firewall -switch - users.
Nothing to complex, just enough to improve our security.
The most important thing is for the users on the switch to be able to have access to the internet through the firewall. So I will need to be able to route traffic through the firewall to the modem.
Also something with a web based set up would be nice. lol I'm not to good with command line set up on cisco products. heres something I was looking at.
http://www.cdw.com/shop/products/def...spx?EDC=326336
or
http://www.cdw.com/shop/products/def...spx?EDC=415245
or this one
http://www.cdw.com/shop/products/def...spx?EDC=404780
Let me know what your professional oppinion would be.
thanks
-
May 3rd, 2004, 04:31 AM
#2
What is your internet connection type?
Have you looked into any of the cisco 830 products? ( I know cisco... so I use it.)
I'm going to replace my 806 with a 831 any day now...
No worries if you don't know the cisco CLI... they've made it easier for you. 
Cisco Security Device Manager (SDM)—An intuitive, Web-based device management tool embedded within Cisco IOS® access routers
Simplifies router and security configuration through intelligent wizards
Enabling customers to quickly and easily deploy, configure and monitor a Cisco 83x0 Series routers without requiring knowledge of Cisco IOS command line interface (CLI)
Cisco Router Web SetUp Tool
Allows nontechnical users to complete installation by simply pointing a browser at the router and providing user information
Check out the features @ http://www.cisco.com/en/US/products/...08010e5c5.html
I can't wait to get mine.
Dunno if that would be good for you or not. But, by your described setup... I'd get it.
And... you can get it for just under or a little over $500 http://google-cnet.com.com/Cisco_831...subj=831_cisco
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
May 3rd, 2004, 04:39 AM
#3
Internet connection is satellite.
Same as DSL or cable really but through satellite.
Thanks for that link phish, I think I'll look into that.
-
May 4th, 2004, 12:12 AM
#4
ok I have it narrowed down now between your cisco router phish or a watchguard SOHO
I'm kinda going towards the watchguard due to the fact that it has antivirus capabilities.
One question I have about both of these, is I shouldn't have a problem hooking a satellite modem on one port(wan port) then using one of the spare ports on the router/firewall then useing once of the ports for network devices into a switch should I?
Only reason I ask this is cause on some home routers you can't plug a switch or hub, etc into the regular ports on the router. the switch won't recognize it. the only place that you can plug a network device into is the WAN port in order for it to be recognized.
So do you think that both of those would allow me to plug it into a switch and modem? so in a sense, have two wan ports I guess. One for the internal network and the other for the external network (internet) so that the internal can get outside.
watchguard
http://www.cdw.com/shop/products/def...spx?EDC=415245
cisco
http://www.cdw.com/shop/products/def...spx?EDC=449437
once again thanks for you help.
/edit one last question. lol
When a hardware firewall says 10 user licenses, do they mean users as in VPN users connecting to the VPN on the firewall or do they mean 10 as in the max number of connections allowed out of the firewall to the internet?
-
May 4th, 2004, 12:41 AM
#5
I can't comment on the watchguard... I've never used one.
You should be able to connect your modem to the wan port, and then your switch to the lan ports. You won't have two wan ports...
so, the wan would be your external
and the lan would be your internal
if you have any DMZ, then you would just configure that in the router.
I've never hooked up a satellite modem up to one of these routers... and have no idea how to even configure that. the cisco I pointed you to is good for broadband services... cable and dsl. Not sure if a satellite is configure just like one of those? You may want to call watchgurad or cisco and confirm that they'll work properly. The CRWS has an option to configure cable or dsl... not satellite. so, please confirm that before you get it.
Here is how I have mine setup
dsl modem --> cisco 806 wan port --> 24 port switch into one of the lan ports --> pcs into the switch.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
May 4th, 2004, 12:45 AM
#6
hmm
Maybe I'll go with the cisco.
-
May 7th, 2004, 12:25 AM
#7
just a thought, but a llinux firewall/gateway would also do the trick, and could save you that $500..
i've had luck with IPCOP it's got a nice web based user interface, easy to use, updates are easy to apply... and it all starts with a pc you have, 2 nic's and a 20mb download.
http://ipcop.sourceforge.net/cgi-bin.../IPCop/WebHome
worth a shot... no need for much linux experience either, all actual configuration is done via web interface.
-
May 7th, 2004, 12:25 AM
#8
just a thought, but a llinux firewall/gateway would also do the trick, and could save you that $500..
i've had luck with IPCOP it's got a nice web based user interface, easy to use, updates are easy to apply... and it all starts with a pc you have, 2 nic's and a 20mb download.
http://ipcop.sourceforge.net/cgi-bin.../IPCop/WebHome
worth a shot... no need for much linux experience either, all actual configuration is done via web interface.
-
May 7th, 2004, 03:57 AM
#9
Yeah I'd use a nix box for the gateway. You'll get all the throughput you want without Cisco bugs or watchgaurd bugs. You can tighten it down to a nail and even change the ping reply so that anyone outside will think it's a dreamcast or PS2. I did that with my FreeBSD box and it freaks my friends out when they see it.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
May 7th, 2004, 03:57 AM
#10
Yeah I'd use a nix box for the gateway. You'll get all the throughput you want without Cisco bugs or watchgaurd bugs. You can tighten it down to a nail and even change the ping reply so that anyone outside will think it's a dreamcast or PS2. I did that with my FreeBSD box and it freaks my friends out when they see it.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
