you make a number of good points, but i have to challenge one or two: On Tue, 29 Jul 2003 10:07:02 +0000 Shane Hollis <[EMAIL PROTECTED]>(by way of Shane Hollis <[EMAIL PROTECTED]>) wrote:
> There is a list of IPCop compatible hardware found here > http://www.ipcop.org/cgi-bin/twiki/view/IPCop/IPCopHCLv01 > > Personaly when it comes to commercial clients and firewalls I prefer a > hardware solution because they are usually safe. The Netgear FM114 series > firewalls are very inexpensive and incredibly easy to setup. clients want > security and value for money (which are normally mutually exclusive) and will > get very antsy if there are on-going problems or regular visits to resove the > same problem needed. This is a one stop, quick and cost effective solution. > > Hardware firewalls cannot be software cracked, AFAIK hardware firewalls still run software internally. their OSes are crackable. There have been vulnerabilities in cisco boxes, and in speedtouch dsl modems. >are fast and don't absorb CPU > time. well an ipcop box only uses its own cpu time - the firewall uses its own cpu - whats the difference? >You also don't have to rebuild them every time you change boxes, > software etc. I have been using the same firewall (ipcop) boxes for ages. They are 486's in slimline cases, they can easily be moved, they run dhcp client and server. >Another nice feature is that they can deal wth DHCP, be moved > where ever you want, allow you to shut down your servers for maintenance and > you can generally set and forget them. > yes you can set and forget ipcop too, apart form looking to see if there are security upgrades, which are easy to install. does the netgear have the facility to upgrade the firmware if there is a vulnerability discovered? and don't say it cannot happen, a google of "netgear vulnerability" produced this as the first hit I'm not sure if its the same device): http://archives.neohapsis.com/archives/nmap/2002/0004.html so, although they are good looking device, i like my open source easily upgradable, ipcop boxes thanks :-) > A site to review them on is: > http://www.ascent.co.nz (my competitors incase you are wondering :-) ) > > The FM114P link is > http://ascent.co.nz/mn-product-spec.asp?pid=109153 > > This information is for the FM114P. There are other versions with wireless > connectivity as well. The cost is $267.00 (incl). > > HTH, > > Shane > -- > Shane Hollis > Notes Unlimited New Zealand > Ph: 021 465 547 > Email: [EMAIL PROTECTED] > > PS. Yes I do sell hardware, give me a yell if you need pricing for stuff. I > am very competitive and am about the same price range as Dragon PC's but > with better service. > > ------------ FM114P info ------------------ > key features: > True Firewall with Stateful Packet Inspection (SPI) and Intrusion Detection > Denial of Service (DoS) attack protection and VPN pass-through > Built-in Print Server and Network Address Translation (NAT) Routing > Easy-to-Use Smart Wizard and Install Assistant > > Total protection! That's what your office network gets with NETGEAR's ProSafe > Firewall/Print Server. This true firewall is broadband-capable, and provides > you with the utmost in business class security \x{2013} Denial of Service > (DoS) protection and Intrusion Detection using Stateful Packet Inspection > (SPI), URL access and content filtering, logging, reporting, and real-time > alerts. VPN pass-through maximizes network security with access control and > encryption. And a built-in print server removes the bottleneck of a dedicated > PC print server and supports multiple print jobs simultaneously. With 4 > auto-sensing, switched LAN ports and Network Address Translation (NAT) > routing, up to 253 users can access your broadband connection at the same > time. There's even a 100 Mbps WAN port for future high-speed broadband > services. > > Thoroughly Protected Has everything you want for maximum security coverage: > True Firewall using Stateful Packet Inspection (SPI) and Intrusion Detection > features, Denial of Service (DoS) attack protection and, for extra > safeguarding, VPN pass-through. There's even a Kensington Lock\x{2122} slot > on the unit to prevent theft. > > FR114P ProSafe Firewall with Print Server provides optimal value and defense > against network security threats. > > Business Class Security VPN pass-through allows for safeguarded connections > to branch offices and your "on-the-go" mobile workforce. Network Address > Translation (NAT) routing enables shared access to your broadband > connection. Includes Web page URL content filtering and sends you e-mail > notification of network activity \x{2013} reporting and tracking of hacker > attempts \x{2013} as well as real-time alerts. > > User Friendly Smart Wizard connects to your ISP quickly; the easy-to-use > Web-based configuration screen and Install Assistant reduce setup time. > Remote administration capability makes connecting to multiple sites a breeze. > The FR114P has an integrated 4-port 10/100 Mbps switch and is compatible with > Windows, UNIX, Macintosh, and Linux. > -- Nick Rout Barrister & Solicitor Christchurch, NZ Ph +64 3 3798966 Fax + 64 3 3798853 http://www.rout.co.nz [EMAIL PROTECTED]
