I'll second the Watchguard. Best firewall I ever used. > -----Original Message----- > From: Troy Sosamon [mailto:[EMAIL PROTECTED] > Sent: Friday, January 28, 2005 9:32 AM > To: [email protected] > Subject: RE: Witango-Talk: Off Topic - Firewall > > > > Webdude, > > You really should do yourself a favor and put in a good firewall. > > Take a look at the Watchguard X500 costs about $1500, or you > might even want > to go to an x700. > > www.watchguard.com > > With a good firewall, you can do statefull packet filtering, > proxy services, > and intrusion detection. I think for a very large organization w/ a mail > server it is really important to have the SMTP proxy running that analysis > e-mail and can block invalid attachments and mime types. They also have > spam filter that can be installed and the Firewall. The > Watchguard products > are especially nice because they come with a very nice monitoring and > logging console. > > A good firewall Watchguard or Cisco also come with VPN capabilities. The > Watchguard X series has the ability to set up VPNs using the MS pptp > protocall, so you don't have to load any special VPN software at > the client. > > Some people will say you should go with a Cisco Pix firewall, but by the > time you get all of the pieces especially the monitoring console, you will > spend quite a bit more, and won't gain a whole lot of benefit. > There are a > lot of good arguments for using Cisco, but you will spend more. > > > Troy > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Friday, January 28, 2005 6:30 AM > To: [email protected] > Subject: Witango-Talk: Off Topic - Firewall > > Hey all, > > The company I was with has merged with another and I am in the middle > of doing some major network stuff. I need some advice on a good > firewall. I have been looking at the ISA server from MS and I am > wondering if I need so much of their crap that I would never use. > Anyway, this is what I got going... > > DMZ... > > 50 websites on 2 Win2k servers running Witango - IIS5. > 2 DNS servers - Win2k > public Class C IP block > MSSQL 7.0 Server (currently in DMZ but not sure if it needs to be) - Win2k > Email Servers - Win2k > > Internal... > 20 PCs > 20 Macs > 2 App Servers > Dhcp Server (I am going to get rid of this) > Accounting Server > > I would like to set up a maching with 3 NICs -- Internal, > External and DMZ. > > Currently I am running just some port blocks on the router to the > DMZ. After the DMZ I have a "home built" firewall in Linux (I need to > get rid of this - way to cumbersom to administrate) > > Looking for something that will support multiple IPs in the DMZ, and > the internal. I don't want to have to redo all my DNS and IP > structure to get this to work. That would be way too much of a > headache. > > Any referrals or comments would be appreciated. > > Thanks! > > > > > > > ________________________________________________________________________ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > > ________________________________________________________________________ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
