I prefer the appliance model, because in order for a software firewall to work you are essentially already hacked (in simple terms) the appliance doesn't contain any vital software so it can do its job without interruption.
There are many, but they all pretty much have a web interface. I have worked with SonicWall, and FortiNet and as others have said the watchgaurd sounds good. I guess if there is one feature that I wish I could have gotten in them was called port forwarding. Hope this helps Ben -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, January 28, 2005 9:06 AM To: [email protected] Subject: Re: Witango-Talk: Off Topic - Firewall Okay. I checked both of these products out. I noticed that they are appliances rather then software. This brings up a few questions because I am a novice with appliances... Would an appliance suite my needs better then just software on a machine? If so, how do you actually access the appliance? I am used to having the firewall on a machine and usually do all my administration from that machine. Windows I hope? Is it GUI? (I am an idiot) For what I am running, I see all sorts of different options and models. Can you narrow down the model you think I need to be able to keep DNS, IPs, current configuration etc.? Thanks Sorry about the dumb questions, just trying to get it right the first time. :-) >I've become very fond of the Netscreen firewall / vpn boxes. >Netscreen recently merged with Juniper, so you can see their product >line at juniper.net > >You can get a FW that will run great in a hosting environment for >about 900 bucks. The web based configuration is very easy to use. >And if you so desire, you can pick up a 10 user version (limited >trust side ip addresses) for about half the price. Makes for great >"on the road" device to allow you to tunnel back to the office >without installing any vpn software on your machine. > >Contact me off the list if you want more informatio non the >netscreen products... > >Oh, the product line you want to look at is probably the Netscreen 5 >we have several 5GT's and a 5XP that we purchased a couple years ago. > >/John > >[EMAIL PROTECTED] wrote: > >>Hey all, >> >>The company I was with has merged with another and I am in the >>middle of doing some major network stuff. I need some advice on a >>good firewall. I have been looking at the ISA server from MS and I >>am wondering if I need so much of their crap that I would never >>use. Anyway, this is what I got going... >> >>DMZ... >> >>50 websites on 2 Win2k servers running Witango - IIS5. >>2 DNS servers - Win2k >>public Class C IP block >>MSSQL 7.0 Server (currently in DMZ but not sure if it needs to be) - Win2k >>Email Servers - Win2k >> >>Internal... >>20 PCs >>20 Macs >>2 App Servers >>Dhcp Server (I am going to get rid of this) >>Accounting Server >> >>I would like to set up a maching with 3 NICs -- Internal, External and DMZ. >> >>Currently I am running just some port blocks on the router to the >>DMZ. After the DMZ I have a "home built" firewall in Linux (I need >>to get rid of this - way to cumbersom to administrate) >> >>Looking for something that will support multiple IPs in the DMZ, >>and the internal. I don't want to have to redo all my DNS and IP >>structure to get this to work. That would be way too much of a >>headache. >> >>Any referrals or comments would be appreciated. >> >>Thanks! >> >> >> >> >> >> >>________________________________________________________________________ >>TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf >> >________________________________________________________________________ >TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
