Yeah, swapping them makes for seamless switching between old and new ACLs.

 

We use ACLs in our routers for the common things like NetBIOS etc.

 

Behind our core router and between our switch we have an ETInc Bandwidth Manager and use its firewall for specific things, as it can be managed thru the GUI :) but it allows us to do things like dynamic rules that sniff incoming port 80 traffic for /default.ida or /cmd.exe or root.exe in the URLs. If it sees them, we have it drop the packet and add the source to its dynamic rule, blocking the attacker from the whole network until his attacks have been idle for 20 minutes; then he is dropped from the rule.

 

It gives us great flexibility in firewalling things from the outside, plus it does some pretty sweet bandwidth management, shaping, and graphing.  But it is not a low cost solution.

 

John
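
The dynamic rule described in the message above, modelled as an added example (not part of the original thread, and not ETInc's code or configuration). The class and function names are hypothetical, the sample traffic is constructed, and the idle timer is assumed to restart on each new attack packet from a blocked source.

```python
import re

IDLE_SECONDS = 20 * 60  # from the thread: released after 20 idle minutes
# URL fragments named in the thread
PROBE = re.compile(r"/default\.ida|/cmd\.exe|root\.exe", re.IGNORECASE)


class DynamicBlocklist:
    """Hypothetical model of the rule; names are illustrative."""

    def __init__(self):
        self.last_attack = {}  # source IP -> time (s) of its last attack packet

    def is_blocked(self, src, now):
        seen = self.last_attack.get(src)
        if seen is None:
            return False
        if now - seen >= IDLE_SECONDS:  # attacks idle long enough: release
            del self.last_attack[src]
            return False
        return True

    def handle(self, now, src, dst_port, url=None):
        """Return 'drop' or 'pass' for one inbound packet."""
        blocked = self.is_blocked(src, now)
        if dst_port == 80 and url and PROBE.search(url):
            self.last_attack[src] = now  # a new attack restarts the idle timer
            return "drop"
        return "drop" if blocked else "pass"


# Constructed sample traffic (documentation addresses): time, source, port, URL
SAMPLE = [
    (0, "198.51.100.7", 80, "/index.html"),
    (10, "198.51.100.7", 80, "/default.ida?x"),
    (20, "198.51.100.7", 25, None),
    (30, "192.0.2.10", 80, "/index.html"),
    (600, "198.51.100.7", 80, "/scripts/root.exe"),
    (1300, "198.51.100.7", 80, "/index.html"),
    (1800, "198.51.100.7", 80, "/index.html"),
]


def replay(events):
    fw = DynamicBlocklist()
    return [fw.handle(*event) for event in events]


if __name__ == "__main__":
    for event, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(event, "->", verdict)
```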

 


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jon Saunders - SECPA
Sent: Friday, February 13, 2004 10:13 AM
To: [EMAIL PROTECTED]
Subject: [Modus] Firewalls for ISPs

 

We have all of our servers and admin equipment behind a Symantec Raptor firewall.  We also use ACLs to protect a couple of servers (primarily used as routers) and other devices that we can’t place behind the firewall.

 

John – Great idea on the swapping of ACLs – Thanks.

 

Jon Saunders

SECOM

 

 

 


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Admin
Sent: Thursday, February 12, 2004 8:59 PM
To: [EMAIL PROTECTED]
Subject: [Modus] Firewalls for ISPs

 

We are a small ISP and are concerned about the increase in security problems in Windows.  It seems every few days Microsoft releases security patches.  I have also seen on the Internet that source code for Windows 2000 and NT has leaked out on the Net.

 

We use all Windows servers connected to the net through a Cisco 2620. 


My question is this.... What do the rest of you do for firewall protection?

Am I going to have to invest in an expensive hardware firewall and hire on an employee (which I can't really afford) to do full-time security maintenance?

 

 

AK Internet
Less expensive and more personal than Earthlink, AOL, and MSN
641 E. 10th Avenue
Bowling Green, KY  42101
270-793-0647 voice
270-843-7532 fax
[EMAIL PROTECTED]
 
