Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: What firewall for small medical research lab

from [Rajeev Kumar] Network Security [Permanent Link]
Subject: Re: What firewall for small medical research lab
Date: Fri, 28 Apr 2006 13:46:33 -0400
You can surely find a list of firewalls in the market. But by my personal experience here is what I would shortlist.

Open Source:
--------------
(1)IPtables based solutions: Grab a PC, install Fedora Core as you thought of and a management software such as Fwbuilder http://www.fwbuilder.org/
This is a very nice way of managing Linux based firewall, you can manage more than 1 firewall boxes from same fwbuilder console. If there is one box to maintain install iptabes/fwbuilder on the same box.

This will give you a enough flexibility to use the power of Linux (OS), as sometimes you want to run extra stuff such as proxy arp, small servers such as dhcp, dns etc. All can be run on the same server with appropriate FW rules to control access. You can run this on very cheap hardware as long as you can install OS on that.

There is some initial time investment here, for setting up firewall, Log collections and analysis etc.

(2)Think of a cooked solutions such as IPCOP (www.ipcop.org), Smoothwall (http://www.smoothwall.org/) etc. This will give you a boot CD and quick FW setup. There are already several out of the box tweaks available for these. For home users and small setup these are perfect.


Commercial:
------------
(3) Checkpoint, Netscreen, Linksys all these have low cost entry level firewalls at their web site. Most of these offer good firewall support plus VPN access capabilities out of the box. However you are bound by the offerings capabilities. Most of the time when you want some useful thing from your firewall they always ask you to pay more to upgrade to the higher paid version. So it is trap sometimes, if you don't know exactly what you are buying here.


In my view if you have Linux/OS level expertise then go for one of the first two options above.
I wouldn't go for the cheap Linksys router/NAT box stuff (found in Staples, Wal-mart) , they are too limited and you will end up pulling your hairs if you expect decent functionality from those models.

Hope this helps.
Rajeev K


rmillisl@millis-it.com wrote: 
I have been asked to research what good, low cost, firewall solutions
might prove suitable for a medical research lab at a local University to
protect confidential patient data from outsiders.

In addition to other research I though I would ask here.

I realize a firewall is just one component of an overall security policy /
implementation.

Basically what is needed is a simple NAT box that generally keeps
outsiders out, and allows authorized lab servers and workstations to
access certain services out on the main building network (DNS, IMAP, POP,
SMTP, HTTP, HTTPS, FTP, SSH) and through that network to the Internet
(through the main building campus/network).

Cost is a very important factor so suggested solutions have been:

- Pay someone to set up a PC based firewall running on surplus hardware
using either Fedora Core 5 and Shorewall 3.0.6 (to allow easy
configuration of iptables rules).  The hardware and software cost are low.
The time could add up. I have considerable experience with this so this
would be the lowest learning curve. Problem is Fedora with its frequent
updates may make managing this more of a chore.

- Pay someone to set up a a PC based firewall running on surplus hardware
using either OpenBSD 3.7 or 3.8 and pf. The hardware and software cost are
low. The time could add up. I have some OpenBSD experience and no pf
background.

- Pay someone to set up a a Linksys or D-Link broadband
switch/firewall/router. The hardware cost is low. The time to set up may
be minimal (Plug&Play + some common sense and provided firewall/filter
capabilities). Are these a serious and secure enough solution?

- Some other low cost hardware or software based alternative. What else
might be out there that I don't know about that might be comparable in
cost to the D-Link or Linksys options.

The PC based solutions I personally have the most confidence in with
respect to hand crafting a minimal OS build and hardening and patching the
OS and doing rules mostly by hand. With pf there is some concern of errors
introduced due to learning curve.

Comments? Suggestions?


-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: What firewall for small medical research lab, Beauford, Jason
Next by Date:  Re: What firewall for small medical research lab, kedearian.secuirty
Previous by Thread:  Re: What firewall for small medical research lab, kedearian.secuirty
Next by Thread:  Re: What firewall for small medical research lab, Smith
Indexes:  [Date] [Thread] [Top] [All Lists]