#I'm searching for a firewall product. I've heard about PIX, firewall-1,
#sunscreen, T.REX, ipchains, raptor, and so on...
#I would like to have different opinions about these products. What you
tried,
#what you like, for which reasons, Which problems you encountered ....
#Then I can start studying some products.
The question isn't what are our opinions on firewalls. It should be what
do you need your firewall to do. Every network is different, therefor,
every security solution is different. These are some of the questions I
would ask myself before I start looking at firewalls.
1. What is the security requirement of this site.
2. Which protocols/applications need to be allowed through the firewall.
3. How complex is the enviroment you are placing the firewall in? Do you
need one dmz, multiple dmzs, no dmzs?
4. What operating systems are you comfortable with?
5. How much traffic is going through your internet link?
6. How much money do you have to spend?
7. Is there a good, dedicated firewall admin or do you need an appliance
with minimal changes?
Here are some commercial firewalls.
Sidewinder (www.securecomputing.com)
Cyberguard (www.cyberguard.com)
Firewall-1 (www.checkpoint.com)
Guantlet (www.nei.com)
Raptor (www.axent.com)
BOrderware (www.borderware.com)
PIX (www.cisco.com)
Or some free ones.
OpenBSD running ipfilter (www.openbsd.org)
<Insert favorite Linux distro here> running ipchains (www.redhat.com or any
other distro)
I prefer the Sidewinder firewall myself. It is an application layer
gateway. It runs on a Trusted Operating System (BSDI 4.1 with Type
Enforcement for MAC added in and a lot of other stuff). It has split DNS.
It has a lot of application layer proxies. ect. ect.
Regards,
Jeffery Gieser
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
