Standalone Firewall?

Matt Alexander plug-discuss@lists.PLUG.phoenix.az.us
Sat, 12 Jan 2002 08:35:56 -0800 (PST)


I've been using a SonicWall SOHO2 (I believe it's now called the SOHO3)
for quite a while and I'm really very happy with it.  It has all the
features you mentioned and works great.  It's more expensive than the
Linksys or NetGear products, but it has a lot more flexibility and
configuration options.

http://www.us.buy.com/retail/product.asp?sku=10316306&loc=14577

~M


On Fri, 11 Jan 2002, Jay wrote:

>
> I know this topic came up here recently, but I just looked through the
> archives and I couldn't find it (browsing by thread).
>
> Anyway, I'm looking for recommendations on the best method to build a
> standalone firewall machine. The network will look something like
> (simplified for email purposes):
>
>
>                                                       /----Servers
> Internet----SDSL Router----Firewall----10/100 Switch--
>                                                       \----Workstations
>
>
> The firwall obviously needs to support NAT and masquerading, as well as
> port forwarding to get to the http, smtp, pop3, ssh, etc... ports on the
> servers from the Internet, and support for multiple physical Ethernet
> interfaces.
>
> Although not *required* (but would be nice) would be features like
> stateful packet inspection (rules based), DoS filtering, intrusion
> detection, excellent logging, easy (yet powerful) web browser
> configuration/administration, and maybe even log analysis and reporting
> features.
>
> While I'm at it, another cool feature would be if it was all able to run
> via a floppy or bootable CD (thus no HDD required in the firewall). I also
> recognize that this feature would require logging via remote syslog, which
> (since the logs would then be remote) would also mean that it wouldn't be
> able to do log analysis and reporting.
>
> I know all of these features are easily available with Linux, but I'm
> looking for a nice integrated package. Looking on Freshmeat turns up over
> 200 options (so I'm sure something is out there). I've seen dedicated
> "security appliances" from the likes of Linksys, NetGear, and SonicWall.
> They look alright (and the Linksys and NetGear ones are really very
> affordable), so if someone might recommend that approach, I'd be
> interested in hearing thoughts on that too.
>
> Thanks!
>
> --
> ~Jay
>
>
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list  -  PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>