[isalist] Re: I have a good question
- From: "Ray Dzek" <Ray.Dzek@xxxxxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 27 Sep 2007 11:18:17 -0700
Ultimately it depends on your definition of "firewall". How many
connections do you expect, what kind of bandwidth do you expect to have
to push through to the server? Do you have many services that need
access? Or is this only going to be HTTP? Depending on your needs,
plain 'ol NAT on a SOHO router could be plenty if your server is
"hardened" (all non essential services turned off, shares secured,
proper network settings, etc).
I have run linux servers behind Linksys boxes for the better part of 6
years now in my garage. I only publish services that are required and I
make sure my servers have the latest security patches. My home servers
are attacked ALL THE TIME, day and night, for vulnerabilities by whoever
stays up all night doing that crap. I see the attempts in the logs. I
regularly monitor traffic in and out and look for changes in traffic
patterns - just like I do for our work environment. I have more
sophisticated needs at work, so we use ISA and ASA there. But the
bigger more expensive toys simply give me more options than what I can
do with the Linksys. The part that is constant between the 2
environments, my garage, and my enterprise, is me.
Firewalls, hardware or otherwise, mean nothing if they are not monitored
and maintained along with the server itself. I would feel safer with a
$70 Linksys firewall and a competent, diligent network administrator,
than $50,000 in fancy hardware and software firewalls, stuffed in a
closet, where nobody ever looked at it again because "I just spent
$50,000 on a firewall - It must be a good one."
You can always go open source if you have some hardware laying around.
IPCop is a good one. There is also smoothwall. Just curious... You
said specifically "hardware firewall". Any particular reason?
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR
Sent: Thursday, September 27, 2007 8:46 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: I have a good question
Well, you should admit that the list was a little bit quiet.
Regards
Diego R. Pietruszka
MSC (USA) - Interlink Transport Technologies
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Amy Babinchak
Sent: Thursday, September 27, 2007 10:55 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: I have a good question
Now that's a good question.
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Thomas W Shinder
Sent: Thursday, September 27, 2007 10:49 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: I have a good question
Is this a troll?
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of D PIETRUSZKA USWRN
INTERLINK INFRA ASST MGR
Sent: Thursday, September 27, 2007 9:31 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] I have a good question
Hello everybody
Does anybody know a good and not expensive hardware firewall?
Regards
Diego R. Pietruszka
ExchangeDefender Message Security: Check Authenticity
<http://www.exchangedefender.com/verify.asp?id=l8REtfUj004606&from=amy@h
arborcomputerservices.net>
Other related posts:
