Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Most secure small home office firewall under $700

from [George Kroonder] Network Security [Permanent Link]
Subject: Re: Most secure small home office firewall under $700
Date: 20 Apr 2005 16:58:10 -0000 
In-Reply-To: <20050329160330.16983.qmail@mail.securityfocus.com>


Right... By now you may have have tested all suggested Open Source firewalls by 
installing all flavours of OSses on old(er) systems and configuring them to act 
as firewalls. I'm sure you also spent countless (?) hours on researching solid 
state (ASIC-based) firewalls in your quest for ***the best*** under $700 
firewall.

How's that working out? Anything to share?

All kidding aside, you allready have some experience with Sonicwall, and as 
allready stated by Mike Etheridge, you should just stick with one of those. 
They're good little solid state firewalls, with deep packet inspection (upto 
layer 7 with the comprehensive IPS/Anti Spyware/Anti Virus option), rock solid, 
and easy to configure/maintain.

Just remember to choose one that fits your requirements and configure it as 
strict a possible. Also remember that a firewall, even one with IPS, is no 
excuse for not patching systems, especially IIS (allthough with the IPS threats 
can also be averted).

In the lower end Sonicwall models you get up to 5000 "in the wild" AV 
signatures; for IPS that is about 2000 I believe. Pro models (outside your 
pricerange) have upto 25000 AV signatures.

Remember, having gateway AV is no excuse for not having host and client based 
AV solutions. And ISP still requires you to patch your hosts.

I you've allready chosen another firewall dont sweat it, if you kept the 
receipt I'm sure you can exchange it for a ... nah, just kidding, you'll be 
fine as long as you configure it as strict as possible, and do use egress rules 
as well, but you allready know this from Chris Buechler's "rant".

Regards,
George.

Oh, and do monitor your webserver like a hawk, do check and analyse the logs 
(event/iis/firewall).

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: Most secure small home office firewall under $700, George Kroonder <=
Previous by Date:  Support for IP redirection by CheckPoint Firewall-1 NG, Jarek Sluzewski
Next by Date:  Re: Question - Advice needed., Paul M.
Previous by Thread:  Support for IP redirection by CheckPoint Firewall-1 NG, Jarek Sluzewski
Next by Thread:  Checkpoint Cluster Interface help, Julian Ramos
Indexes:  [Date] [Thread] [Top] [All Lists]