Ultimately it depends on your definition of "firewall". How many connections do you expect, what kind of bandwidth do you expect to have to push through to the server? Do you have many services that need access? Or is this only going to be HTTP? Depending on your needs, plain 'ol NAT on a SOHO router could be plenty if your server is "hardened" (all non essential services turned off, shares secured, proper network settings, etc). I have run linux servers behind Linksys boxes for the better part of 6 years now in my garage. I only publish services that are required and I make sure my servers have the latest security patches. My home servers are attacked ALL THE TIME, day and night, for vulnerabilities by whoever stays up all night doing that crap. I see the attempts in the logs. I regularly monitor traffic in and out and look for changes in traffic patterns - just like I do for our work environment. I have more sophisticated needs at work, so we use ISA and ASA there. But the bigger more expensive toys simply give me more options than what I can do with the Linksys. The part that is constant between the 2 environments, my garage, and my enterprise, is me. Firewalls, hardware or otherwise, mean nothing if they are not monitored and maintained along with the server itself. I would feel safer with a $70 Linksys firewall and a competent, diligent network administrator, than $50,000 in fancy hardware and software firewalls, stuffed in a closet, where nobody ever looked at it again because "I just spent $50,000 on a firewall - It must be a good one." You can always go open source if you have some hardware laying around. IPCop is a good one. There is also smoothwall. Just curious... You said specifically "hardware firewall". Any particular reason? From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR Sent: Thursday, September 27, 2007 8:46 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: I have a good question Well, you should admit that the list was a little bit quiet. Regards Diego R. Pietruszka MSC (USA) - Interlink Transport Technologies From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak Sent: Thursday, September 27, 2007 10:55 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: I have a good question Now that's a good question. From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Thursday, September 27, 2007 10:49 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: I have a good question Is this a troll? Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- Microsoft Firewalls (ISA) ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA ASST MGR Sent: Thursday, September 27, 2007 9:31 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] I have a good question Hello everybody Does anybody know a good and not expensive hardware firewall? Regards Diego R. Pietruszka ExchangeDefender Message Security: Check Authenticity <http://www.exchangedefender.com/verify.asp?id=l8REtfUj004606&from=amy@h arborcomputerservices.net>