Enterprise firewall solution
16 November 2002, 10:46 AM
#1
Scooby Regular
Thread Starter
Join Date: Apr 2001
Posts: 678
Likes: 0
Received 0 Likes
on
0 Posts
Hi,
I've been looking for a 'proper' firewall solution to evaluate but am so far unsure of what's out there. We run Checkpoint FW1 in the office and I've also downloaded an eval of Symantec Enterprise Firewall, which looks OK but doesn't seem to do proxy arp (which we need).
Can anyone recommend any other solutions other than these two that:
1) Run on Win2000 server
2) Can proxy arp
and preferably
3) Have a VPN module as well.
TIA
Simon
I've been looking for a 'proper' firewall solution to evaluate but am so far unsure of what's out there. We run Checkpoint FW1 in the office and I've also downloaded an eval of Symantec Enterprise Firewall, which looks OK but doesn't seem to do proxy arp (which we need).
Can anyone recommend any other solutions other than these two that:
1) Run on Win2000 server
2) Can proxy arp
and preferably
3) Have a VPN module as well.
TIA
Simon
16 November 2002, 05:21 PM
#2
Scooby Regular
Join Date: Nov 2001
Location: Leeds - It was 562.4bhp@28psi on Optimax, How much closer to 600 with race fuel and a bigger turbo?
Posts: 15,239
Likes: 0
Received 1 Like
on
1 Post
Raptor..
(we used to use it on NT) but now have about 6 Velociraptor boxes.. also one cisco..
David
(we used to use it on NT) but now have about 6 Velociraptor boxes.. also one cisco..
David
16 November 2002, 06:12 PM
#3
Scooby Regular
Join Date: Apr 2002
Location: Birmingham
Posts: 9,196
Likes: 0
Received 0 Likes
on
0 Posts
If you want a proper hardware firewall, the one we have at work is faultless, and really simple to configure rules on etc.
WatchGuard FireBox
Andy
WatchGuard FireBox
Andy
16 November 2002, 08:39 PM
#4
Scooby Regular
Join Date: Oct 1999
Posts: 778
Likes: 0
Received 0 Likes
on
0 Posts
If you are looking for a 'proper' firewall have a look at Stonesoft.
Regular high scorer in reviews with clustering availabilty, multilink VPN, load balancing and an extremely good firewall.
No proxy arp however that can be run seperatly you could send me some details to my email address I will come up with a solution for you.
Regular high scorer in reviews with clustering availabilty, multilink VPN, load balancing and an extremely good firewall.
No proxy arp however that can be run seperatly you could send me some details to my email address I will come up with a solution for you.
17 November 2002, 11:42 AM
#6
Scooby Senior
Join Date: Aug 2002
Location: 52 Festive Road
Posts: 28,311
Likes: 0
Received 0 Likes
on
0 Posts
Proper firewalls never run on OS's from Microsoft. It's like having a very secure front door but yer walls are made of tissue paper...
[Edited by what would scooby do - 11/17/2002 11:45:32 AM]
[Edited by what would scooby do - 11/17/2002 11:45:32 AM]
Trending Topics
17 November 2002, 05:46 PM
#8
Scooby Regular
Join Date: Oct 2002
Posts: 1,998
Likes: 0
Received 0 Likes
on
0 Posts
How about a Sonicwall? They have a good range of dedicated boxes from teleworker right up to rack mounted corp solutions, inc VPN.
playing with a Sonicwall Soho at the moment
Jon
Edited to add: Someone is offering these through the Scoobynet shop I think
[Edited by Rusty Festa - 11/17/2002 5:49:18 PM]
playing with a Sonicwall Soho at the moment
Jon
Edited to add: Someone is offering these through the Scoobynet shop I think
[Edited by Rusty Festa - 11/17/2002 5:49:18 PM]
17 November 2002, 10:19 PM
#10
Scooby Regular
I'm offering the SonicWALLs through the Scoobyshop as it happens...'cos we're SonicWALL resellers....
The arguement about the underlying OS is valid but, and it's a big but, a firewall running on Win2k which is understood by the support staff that maintains it will be more secure than the same software running on a platform that they have no experience off. Checkpoint runs faster in Linux than any other platform but corporates buy Nokia boxs to run their FW-1 on because it's pre-hardened.
There are a number of other 'appliances' that FW-1 runs on now or you could look at
Netscreen
SonicWALL
etc
Jeff
[Edited by Jeff Wiltshire - 11/17/2002 10:21:55 PM]
The arguement about the underlying OS is valid but, and it's a big but, a firewall running on Win2k which is understood by the support staff that maintains it will be more secure than the same software running on a platform that they have no experience off. Checkpoint runs faster in Linux than any other platform but corporates buy Nokia boxs to run their FW-1 on because it's pre-hardened.
There are a number of other 'appliances' that FW-1 runs on now or you could look at
Netscreen
SonicWALL
etc
Jeff
[Edited by Jeff Wiltshire - 11/17/2002 10:21:55 PM]
18 November 2002, 08:11 AM
#11
Scooby Regular
Join Date: Jun 2000
Posts: 13,735
Likes: 0
Received 0 Likes
on
0 Posts
I still know of a Nokia IP650 for sale if you want something that's generally recognised as good hardware to run the firewall on...
Grab yourself a bargain . Mail as per profile if interested.
Nick.
Grab yourself a bargain
. Mail as per profile if interested.Nick.
18 November 2002, 08:29 AM
#12
Scooby Regular
Thread Starter
Join Date: Apr 2001
Posts: 678
Likes: 0
Received 0 Likes
on
0 Posts
Thanks for the replies guys. Will look at them all! Jeff's point about the MS platform is valid - it may not be perfect but it's the OS we're strongest in and as such is obviously the first choice.
Time to start d/l'ing evaluation copies....
Simon
[Edited by SD - 11/18/2002 8:36:06 AM]
Time to start d/l'ing evaluation copies....
Simon
[Edited by SD - 11/18/2002 8:36:06 AM]
18 November 2002, 11:25 AM
#15
Scooby Regular
Join Date: Mar 1999
Posts: 4,518
Likes: 0
Received 0 Likes
on
0 Posts
FW-1 on Windows is fine - so long as the OS is hardened.
PIXs are only PCs in a cisco box running a cutdown *nix OS. The earlier ones are 100% standard ATX motherboard with standard components (bar the ISA flash card for the OS). Later ones are still PC based, albeit less standard - why else would you have USB ports
Deano
PIXs are only PCs in a cisco box running a cutdown *nix OS. The earlier ones are 100% standard ATX motherboard with standard components (bar the ISA flash card for the OS). Later ones are still PC based, albeit less standard - why else would you have USB ports
Deano
18 November 2002, 12:33 PM
#18
Scooby Regular
Join Date: Sep 2002
Location: Essexville
Posts: 4,391
Likes: 0
Received 0 Likes
on
0 Posts
i got a sonicwall pro, had it here for about a year, no problems.
except when i downloaded a bios update in japanese.
Do not do this, as japanese is hard to read.
...unless you are japanese, of course.
Jackie Chan.
except when i downloaded a bios update in japanese.
Do not do this, as japanese is hard to read.
...unless you are japanese, of course.
Jackie Chan.
18 November 2002, 12:44 PM
#20
Scooby Regular
Join Date: Sep 2002
Location: Essexville
Posts: 4,391
Likes: 0
Received 0 Likes
on
0 Posts
haha Jeff, luckily, i was able to see the navigation path at the bottom of the IE window (in english), to get myself out of it...
it is a bit scarey though!! phew!!
hahaha - we live and learn. - excellent product though!!
BB
it is a bit scarey though!! phew!!
hahaha - we live and learn. - excellent product though!!
BB
18 November 2002, 01:54 PM
#21
Scooby Regular
Join Date: Mar 1999
Posts: 4,518
Likes: 0
Received 0 Likes
on
0 Posts
Obne of my colleagues was tasked with uploading a software update to a NetApp NetCache. We were a bit worried when the first re-boot didnt work. Then realised the poor thing was having trouble booting the PDF image of the Manuial 
instead of the OS
We may let him forget it ....one day
Deano
instead of the OS We may let him forget it ....one day
Deano
Thread
Thread Starter
Forum
Replies
Last Post
