Joylan,
#I need some information on how to choose a firewall and the how to create
#the firewall for a system that is going to be using ftp, smtp and http
#tcp-ip protocols. Any suggestions? I hear a lot about some firewall
products
#from different companies but dont know which is the best and the
advantages
#of one product over another.
The first thing I like to do is convince a bunch of firewall vendors to
take me out to lunch. After that I decide which protocols/applications
need to be allowed through the firewall. So far you have some idea. You
will also probably need to allow dns and https as well. Do you have www
servers that will be accessed by the public? Do you want a dmz or perhaps
multiple dmzs? What level of security do you think your site needs? What
operating systems are you comfortable with? How much traffic is going
through your internet link? How much money do you have to spend? I prefer
application layer gateways like Sidewinder or Cyberguard with trusted
operating systems. Here are some firewalls.
Sidewinder (www.securecomputing.com)
Cyberguard (www.cyberguard.com)
Firewall-1 (www.checkpoint.com)
Guantlet (www.nei.com)
Raptor (www.axent.com)
BOrderware (www.borderware.com)
PIX (www.cisco.com)
Or some free ones.
OpenBSD running ipfilter (www.openbsd.org)
<Insert favorite Linux distro here> running ipchains (www.redhat.com or any
other distro)
If you go this way I highly recommend the "Building Linux and OpenBDS
Firewalls" book.
My personal favorite is the Sidewinder firewall but I have no idea if this
is a good choice for you without knowing your network and security needs.
Regards,
Jeffery Gieser
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
