Firewall question

Status
Not open for further replies.

canooten

My wife's company just switched over from DSL (firewall in router) to a T1 for their internet service. The service company installed a Cisco IAD2430 device. I'm not too familiar with this equipment, so I'm wondering what kind of firewall I should install with this system?

At this time I have the Cisco box connected directly to a switch so they will have internet service. I'm assuming this setup leaves all connected machines vulnerable from the outside (I'm guessing the Cisco box has no firewall).

What type of firewall would I be best going with here? This is a very small company, so big $$ solutions aren't going to fly. I'm not against going with a software solution if it's best, but I assume a hardware firewall would be the least likely to be screwed up by users who don't know what they're doing.

All suggestions are appreciated.
 
Big question is.....how many computers are going to be behind this and what is the budget like? Personally, I'd go with Sonicwall. They are a little on the high-end of the network firewall spectrum, but if you look on eBay or other auction sites, you can get a steal...

Like this one...
SonicWall 330
If you can get it at this price, you'd be saving $1000.00.

-Mike
 
canooten said:
My wife's company just switched over from DSL (firewall in router) to a T1 for their internet service. The service company installed a Cisco IAD2430 device. I'm not too familiar with this equipment, so I'm wondering what kind of firewall I should install with this system?

At this time I have the Cisco box connected directly to a switch so they will have internet service. I'm assuming this setup leaves all connected machines vulnerable from the outside (I'm guessing the Cisco box has no firewall).

What type of firewall would I be best going with here? This is a very small company, so big $$ solutions aren't going to fly. I'm not against going with a software solution if it's best, but I assume a hardware firewall would be the least likely to be screwed up by users who don't know what they're doing.

All suggestions are appreciated.

Cisco routers have NAT, which is probably the best security a network could have. It makes all those machines on your network look like one machine to the outside world. If you are really concerned about security, you should look into Smoothwall:
www.smoothwall.org
 
My whole deal is I'm not familiar with the Cisco equipment, so I wasn't sure if they had any type of protection. If that model has NAT, I'm OK with leaving it how it is.

As for the # of machines....right now about 6, but will probably be around 10 pretty soon.
 
I'll go through the company that installed it for that info. I know it will work fine for the # of machines they'll have....

You're right though....the documentation doesn't really make this point clear.
 
My feeling is that it doesn't provide FW protection just based on the type of device it is - but I could be wrong.

If I were you, I'd call Cisco and get it straight from the horse's mouth rather than relying on the 3rd party to verify that info.
 
Cisco routers have NAT, which is probably the best security a network could have.

Sorry, but NAT is no substitute for a firewall. While NAT can act like a firewall it is not a firewall and is not that hard to penetrate for those in the know.

-Target
 
Right....
A true hardware firewall is MUCH MORE than NAT. NAT is good for your typical SoHo "router" which is really a gateway with "some" routing capabilities like NAT and port forwarding. This hardware piece, in your environment, I would personally accompany with a real hardware firewall. And yes......even an IAD.......it provides NAT because it HAS to! An IAD has to act as a mediator between PBX and Data equipment for the most part. But there are more IADs that act as different mediators.
Fact is.....in your environment....NAT is not enough.

As far as the specs of the IAD......it's fine....up to 10 (so they say) but at least 15 PCs w/o problems

$500.00 will buy you a STACK firewall......and save you lots of frustration...

-Mike
 
I've heard of "Glass wall"
apparently it has never been hacked before, not even by the company that made it!
not sure where to get it though

I suggest using a 10/100 router + SPI firewall and DoS with however many ports you need. Use this as the first box to get on the net, and connect the networked Macs/PCs to it.

This one has DoS and SPI firewall - the price is in $ Aussie
 