1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

the deal on firewalls

Discussion in 'General Security' started by PK-her0, Aug 28, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. PK-her0

    PK-her0 Thread Starter

    Joined:
    Sep 17, 2007
    Messages:
    1,373
    what is a better firewall solution for a server and 5 pc's?

    a hardware device like netgear or sonicwall
    or a software firewall setup on older hardware (ie some linux firewall solution)
    or do they both offer fair protection?

    also cost is a factor

    pk
     
  2. zx10guy

    zx10guy Trusted Advisor

    Joined:
    Mar 30, 2008
    Messages:
    4,370
    Depends on what security features you're interested. Are you looking for deep packet inspection? UTM? IPS/IDS?
     
  3. PK-her0

    PK-her0 Thread Starter

    Joined:
    Sep 17, 2007
    Messages:
    1,373
    hi zx just looking for something within budget that will do a good job on security
    i am (obviously) not a security specialist and dont even recognize the jargon you using in your post (though i am going to read about it now)

    any ideas on something decent or is this configuration going to be beyond me?
     
  4. zx10guy

    zx10guy Trusted Advisor

    Joined:
    Mar 30, 2008
    Messages:
    4,370
    Well, an actual figure for what your budget is would be a good start. What is expensive for one person is cheap for another.
     
  5. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    6,224
    I would stay away from Linux firewall distros. 1) They are usually small outfits, and can't even afford to setup a security patch download service like the bigger distros like Redhat and Ubuntu. 2) Your attackers can easily obtain a copy of your Linux firewall distro to analyse and test attacks. 3) Most of them don't even apply SELinux to protect themselves.

    While I wouldnt do without a perimeter firewall, I wouldn't spend too much on it. A cheap DLink/Linksys router that has Stateful Packet Inspection firewall ( SPI ) will do. ( around $60 ) Instead, I would pay more attention to PC based defences as most attacks nowadays focus on breaking thru your browser, Flash, Adobe Reader etc. At the very least, install Secunia's PSI ( free ) which monitors your installed applications for missing security patches. It will scan and find them and offer links to update them. Security patches are essential to having a safe network of PCs.

    A pricier firewall will give you more toys. Like user defined firewall rules, VPN, a DMZ subnet, illegal tcpip packet detection, subscription based email antivirus, VLAN, centralized sysloging, and maybe intrusion detection system ( IDS ),
     
  6. PK-her0

    PK-her0 Thread Starter

    Joined:
    Sep 17, 2007
    Messages:
    1,373
    Thanks lunar...that really helped...will take all advice on board...

    yes i must also look at the budget first...
     
  7. zx10guy

    zx10guy Trusted Advisor

    Joined:
    Mar 30, 2008
    Messages:
    4,370
    I disagree with Lunar on focusing on PC centric defenses. All the enterprises I've worked or dealt with, have very robust security appliances which shifts away the various issues around PC centric security schemes. The ideology is to stop malicious traffic from ever even getting to the PCs in the first place.
     
  8. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    6,224
    I wouldnt go as far to say I am favoring a PC centric security setup.

    Some things work better when it is sitting on a PC, like end point antivirus security. There is the signature checking part and the hueristics part of an antivirus, and the signature checking can be done at the gateway, but the hueristics part works by sitting on the PC.

    Then there are products like Faronics Deepfreeze, they do have an enterrprise version. So I wouldn't categorize them as PC centric, but their defence is PC based.
     
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1066774