Announcement

Collapse
No announcement yet.

please recommend me a good hardware firewall!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • please recommend me a good hardware firewall!

    hi everyone,
    I'm looking for a good hardware firewall, it should be able to control the internet access for each IP address, also able to control which website the workstation can visit(like parent control) ,also it shoulde has integrated antivirus software like macfee or norton.
    anyone knows, please let me knows, thanks in advance!
    jimmy

  • #2
    Re: please recommend me a good hardware firewall!

    hmmm hardware firewall's doent exist, but what's te budget?
    what about you're current enviroment? how does it look like?
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: please recommend me a good hardware firewall!

      Originally posted by Dumber
      hmmm hardware firewall's doent exist
      What's a Cisco PIX then if hardware firewalls don't exist?
      Server 2000 MCP
      Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

      Comment


      • #4
        Re: please recommend me a good hardware firewall!

        like sonicwall,this budget is between $1000-$2000, the main concern is :
        1. able to control which Ip can access internet.
        2.can control website visit.
        3.antivirus updatable.

        Comment


        • #5
          Re: please recommend me a good hardware firewall!

          Originally posted by tonyyeb
          What's a Cisco PIX then if hardware firewalls don't exist?
          basically hardware firewalls doen't exist cause any device runs on some kind of software. cisco runs on cisco ios (which is software). Nokia runs on Nokia IPSO etcetc.

          Also, cisco come with updates (new IOS's) for those routers. Also, Cisco is in my oppinion not really a firewall, but more a portblocker
          AFAIK cisco doen't support for example spi, but i'm not a cisco guru
          Last edited by Dumber; 16th January 2006, 20:10.
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: please recommend me a good hardware firewall!

            Originally posted by jimmyjiang
            like sonicwall,this budget is between $1000-$2000, the main concern is :
            1. able to control which Ip can access internet.
            2.can control website visit.
            3.antivirus updatable.

            AFAK there is no firewall with integrated virusscanner and i doen't see why you should want to.
            $1000-$2000 is not much for you're complete Security Suite.

            I would recommend the following:

            *Check Point firewall express (depending how many clients you got including servers). It ismarket Leader of firwalls
            *Mcafee virusscan 8.0 enterprise for you're clients and servers and groupshield foryou're exchange server (if you have one).
            All Mcafee products bee´ng managed via Mcafee ePolicy Orchestrator.
            * ISA 2004 as you're proxy server
            * Esafe from aladdin as you're gateway scanner (scans also mail and http and ftp traffic)
            as an alternative for Esafe, you can also use Trend micro Interscan.
            Also websense can be a nice option to control you're internet
            Last edited by Dumber; 16th January 2006, 20:09.
            Marcel
            Technical Consultant
            Netherlands
            http://www.phetios.com
            http://blog.nessus.nl

            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
            "No matter how secure, there is always the human factor."

            "Enjoy life today, tomorrow may never come."
            "If you're going through hell, keep going. ~Winston Churchill"

            Comment


            • #7
              Re: please recommend me a good hardware firewall!

              Originally posted by Dumber
              basically hardware firewalls doen't exist cause any device runs on some kind of software. cisco runs on cisco ios (which is software). Nokia runs on Nokia IPSO etcetc.

              Also, cisco come with updates (new IOS's) for those routers. Also, Cisco is in my oppinion not really a firewall, but more a portblocker
              AFAIK cisco doen't support for example spi, but i'm not a cisco guru
              So a switch isn't hardware cause it runs a piece of software? A wireless access point isnt hardware cause it runs software? And a server isnt a hardware cause it needs a piece of software to run it (BIOS)??!! Doesn't make sense!!
              Server 2000 MCP
              Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

              ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

              Comment


              • #8
                Re: please recommend me a good hardware firewall!

                Originally posted by tonyyeb
                So a switch isn't hardware cause it runs a piece of software? A wireless access point isnt hardware cause it runs software? And a server isnt a hardware cause it needs a piece of software to run it (BIOS)??!! Doesn't make sense!!
                no, no, no... you doen't understand me.. of course it's hardware. of course you need hardware to run softeware on it.

                what i mean is the following:

                Basically there is no such thing as a hardware firewall cause it's not the hardware which is the firewall, but is a software package. Therefore a hardware firewall isn't espessially better then a "software" firewall. This is because it's the software on a "hardware" firewall who does the firewalling.

                Of course is a switch a hardware piece, but does it works without software?

                Ok, for example:

                A server won't run without windows or linux or something.
                a cisco router won't work without the Cisco IOS.
                A nokia Router won't do anything without the Nokia IPSO ios.

                A cisco Router won't do firewalling, without the firewall package from Cisco.
                A nokia Router won't do firewalling without a Check Point package.
                A Windows Server won't do firewalling without ISA (or the integrated firewall from Windows 2003 if you want to call that a firewall)

                do you understand what i mean?

                You need some kind of software which allows you to make an hardware device to a firewall. So the Firewall itself should be an software package.

                But, the advantages of an "hardware" firewall is less maintance then a Windows device. Therefore ir recommend check Point with a Nokia router.

                I hope it makes clear what i mean.
                Marcel
                Technical Consultant
                Netherlands
                http://www.phetios.com
                http://blog.nessus.nl

                MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                "No matter how secure, there is always the human factor."

                "Enjoy life today, tomorrow may never come."
                "If you're going through hell, keep going. ~Winston Churchill"

                Comment


                • #9
                  Re: please recommend me a good hardware firewall!

                  i would choose the checkpoint FW.
                  easy to use...
                  and its one of the best you can get... my opinion.
                  and it supports all the things you need...
                  you can make almost every thing with rules.
                  MCSE 2000 Done
                  RHCE Done

                  Comment


                  • #10
                    Re: please recommend me a good hardware firewall!

                    I get you now marcel. But i would still chose a piece of hardware soley running one piece of software such as a PIX. I suppose the correct term should be dedicated as in it only does that job. With checkpoint or ISA you are also relying on windows or linux underneath to stay reliable and resist attack from virus, hacking etc... plus the large variety of server hardware that it may be based on.....

                    Thats my opinion anyway...
                    Server 2000 MCP
                    Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

                    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                    Comment


                    • #11
                      Re: please recommend me a good hardware firewall!

                      Check Point also runs on Nokia which i should recommend rather dan Cisco Pix. AFAIK the Cisco Pix isn't easy in maintanaice (adding one rule, is removeing the complete acl and then add the complete new acl)
                      it doesn't support SPI
                      It hasn't any reporting tooling
                      etcetc...

                      And no, not the Nokia Cellphone but for example.
                      http://europe.nokia.com/nokia/0,0,77191,0.html


                      sorry, but i go with yaniv.
                      Marcel
                      Technical Consultant
                      Netherlands
                      http://www.phetios.com
                      http://blog.nessus.nl

                      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                      "No matter how secure, there is always the human factor."

                      "Enjoy life today, tomorrow may never come."
                      "If you're going through hell, keep going. ~Winston Churchill"

                      Comment


                      • #12
                        Re: please recommend me a good hardware firewall!

                        Everyones entitled to an opinion...
                        Server 2000 MCP
                        Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

                        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                        Comment


                        • #13
                          Re: please recommend me a good hardware firewall!

                          i can only say: try check point
                          once you worked with it, i'll you go with me
                          Marcel
                          Technical Consultant
                          Netherlands
                          http://www.phetios.com
                          http://blog.nessus.nl

                          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                          "No matter how secure, there is always the human factor."

                          "Enjoy life today, tomorrow may never come."
                          "If you're going through hell, keep going. ~Winston Churchill"

                          Comment


                          • #14
                            Re: please recommend me a good hardware firewall!

                            Originally posted by Dumber
                            i can only say: try check point
                            once you worked with it, i'll you go with me
                            I used it in my last job and it was nice to use but i had spend most of my time using a PIX before and after. I have also setup some SBS servers and so played with ISA which is quite easy to use.

                            So to be honest i'd probably go with the cheapest. Probably ISA i guess.
                            Server 2000 MCP
                            Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

                            ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                            Comment


                            • #15
                              Re: please recommend me a good hardware firewall!

                              Depending on your Sonicwall you get AV software.

                              SonicWALL Gateway Anti-Virus provides continuous protection against viruses by integrating high performance Real-Time Virus Scanning Engine together with dynamically updated database of Anti-Virus signatures. By stopping viruses at the network perimeter, Gateway Anti-Virus increases administrator's awareness of malicious virus activity. Most importantly, SonicWALL Gateway Anti-Virus offloads the costly and time-consuming burden of protecting internal network from new virus attacks. Contact SonicWALL, Inc. for details on upgrading.

                              This is straight from the Gateway Antivirus Screen on our Sonicwall here.

                              A link to the Sonicwall we have

                              http://www.sonicwall.com/products/pro3060_features.html

                              Comment

                              Working...
                              X