Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

General Security General Security
Search Search
Search for:
Tech Support Guy > > >

the deal on firewalls


(!)

PK-her0's Avatar
Member with 1,315 posts.
THREAD STARTER
 
Join Date: Sep 2007
Experience: Beginner
28-Aug-2012, 04:19 AM #1
Smile the deal on firewalls
what is a better firewall solution for a server and 5 pc's?

a hardware device like netgear or sonicwall
or a software firewall setup on older hardware (ie some linux firewall solution)
or do they both offer fair protection?

also cost is a factor

pk
zx10guy's Avatar
zx10guy has a Photo Album
Computer Specs
Trusted Advisor with 3,995 posts.
 
Join Date: Mar 2008
28-Aug-2012, 02:40 PM #2
Depends on what security features you're interested. Are you looking for deep packet inspection? UTM? IPS/IDS?
PK-her0's Avatar
Member with 1,315 posts.
THREAD STARTER
 
Join Date: Sep 2007
Experience: Beginner
28-Aug-2012, 04:25 PM #3
hi zx just looking for something within budget that will do a good job on security
i am (obviously) not a security specialist and dont even recognize the jargon you using in your post (though i am going to read about it now)

any ideas on something decent or is this configuration going to be beyond me?
zx10guy's Avatar
zx10guy has a Photo Album
Computer Specs
Trusted Advisor with 3,995 posts.
 
Join Date: Mar 2008
28-Aug-2012, 04:55 PM #4
Well, an actual figure for what your budget is would be a good start. What is expensive for one person is cheap for another.
lunarlander's Avatar
Computer Specs
Member with 5,547 posts.
 
Join Date: Sep 2007
28-Aug-2012, 06:45 PM #5
I would stay away from Linux firewall distros. 1) They are usually small outfits, and can't even afford to setup a security patch download service like the bigger distros like Redhat and Ubuntu. 2) Your attackers can easily obtain a copy of your Linux firewall distro to analyse and test attacks. 3) Most of them don't even apply SELinux to protect themselves.

While I wouldnt do without a perimeter firewall, I wouldn't spend too much on it. A cheap DLink/Linksys router that has Stateful Packet Inspection firewall ( SPI ) will do. ( around $60 ) Instead, I would pay more attention to PC based defences as most attacks nowadays focus on breaking thru your browser, Flash, Adobe Reader etc. At the very least, install Secunia's PSI ( free ) which monitors your installed applications for missing security patches. It will scan and find them and offer links to update them. Security patches are essential to having a safe network of PCs.

A pricier firewall will give you more toys. Like user defined firewall rules, VPN, a DMZ subnet, illegal tcpip packet detection, subscription based email antivirus, VLAN, centralized sysloging, and maybe intrusion detection system ( IDS ),

Last edited by lunarlander; 28-Aug-2012 at 07:36 PM..
PK-her0's Avatar
Member with 1,315 posts.
THREAD STARTER
 
Join Date: Sep 2007
Experience: Beginner
01-Sep-2012, 06:26 AM #6
Thanks lunar...that really helped...will take all advice on board...

yes i must also look at the budget first...
zx10guy's Avatar
zx10guy has a Photo Album
Computer Specs
Trusted Advisor with 3,995 posts.
 
Join Date: Mar 2008
02-Sep-2012, 08:03 AM #7
I disagree with Lunar on focusing on PC centric defenses. All the enterprises I've worked or dealt with, have very robust security appliances which shifts away the various issues around PC centric security schemes. The ideology is to stop malicious traffic from ever even getting to the PCs in the first place.
lunarlander's Avatar
Computer Specs
Member with 5,547 posts.
 
Join Date: Sep 2007
02-Sep-2012, 12:57 PM #8
I wouldnt go as far to say I am favoring a PC centric security setup.

Some things work better when it is sitting on a PC, like end point antivirus security. There is the signature checking part and the hueristics part of an antivirus, and the signature checking can be done at the gateway, but the hueristics part works by sitting on the PC.

Then there are products like Faronics Deepfreeze, they do have an enterrprise version. So I wouldn't categorize them as PC centric, but their defence is PC based.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑