New Posts  All Forums:Forum Nav:

Firewalls 101 - Page 3

post #21 of 31
Thread Starter 
Quote:
Originally Posted by stubass View Post

Comodo is a good software firewall
http://www.comodo.com/
http://www.comodo.com/home/internet-security/firewall.php?key5sk1=d23d43fa9c2947f8ade22445c29574b8a6ebef8b&key5sk2=2128&key5sk3=1330574168000&key5sk6=null&key5sk7=1330574168000&key5sk8=2128&key5sk9=1330574273000&key6sk1=comodo&key6sk2=FF60&key6sk3=7&key6sk4=en-us&key6sk5=TH&key6sk6=0&key6sk7=Google&key6sk9=1440900&key6sk10=true&key6sk11=5e77b7bfc9031c224ae583ff505c9cd20c5e12e1&key7sk1=2&key1sk1=ors&key1sk2=Google&key1sk3=comodo
or if you willing to spend $$$ get a nice hardware firewall such as sonicwall
i like the NSA series but the TZ is better priced
http://www.sonicwall.com/us/products/TZ_Series.html
but your router comes with an SPI firewall which should be enough..
finnally you could get or build a cheap low end rig and run it as a router/firewall using pfSense
http://www.pfsense.org/ thumb.gif

wel i ask because I am really debating this
OverKill
(18 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X6 1055T Gigabyte 890FXA ATI FirePro V3800 ATI FirePro V3800 
RAMHard DriveHard DriveOptical Drive
16gb GSkill 10666 Seagate Western Digital  LG Blue Ray 
CoolingOSMonitorMonitor
stock air 7 Pro 64 bit (2)22" Acer x223w (2)23" Acer G235H 
KeyboardPowerCaseMouse
Microsoft Wireless Antec 900watt Antec 300 Wacom Tablet 
Audio
Logitech Speakers and sub 
  hide details  
Reply
OverKill
(18 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X6 1055T Gigabyte 890FXA ATI FirePro V3800 ATI FirePro V3800 
RAMHard DriveHard DriveOptical Drive
16gb GSkill 10666 Seagate Western Digital  LG Blue Ray 
CoolingOSMonitorMonitor
stock air 7 Pro 64 bit (2)22" Acer x223w (2)23" Acer G235H 
KeyboardPowerCaseMouse
Microsoft Wireless Antec 900watt Antec 300 Wacom Tablet 
Audio
Logitech Speakers and sub 
  hide details  
Reply
post #22 of 31
its a good budget hardware firewall, though the throughput is low.. good chance it will bottleneck your internet is you look at the performance page of this review
http://www.smallnetbuilder.com/lanwan/lanwan-reviews/24591-netgearprosafevpnfirewallreview smile.gif
Going to be chaep
(16 items)
 
Wife's Rig
(12 items)
 
 
CPUMotherboardGraphicsRAM
i7-3770k Gigabyte GA-Z77X-UP5 TH MSI GTX460 G.Skill TridentX 2400 2 x 4GB 
Hard DriveHard DriveOptical DriveCooling
Plextor M5p 128GB 2 x WD 500GB Blues LG Prolimatech Megahalems Rev C 
CoolingOSMonitorPower
Arctic F12 CO PWM x 2 Push/Pull Windows 7 64 bit Ultimate LG IPS235V Corsair AX850 
Case
Coolermaster HAF 912 advanced (Asia version) 
CPUMotherboardGraphicsRAM
I5-3570K Gigabyte Z68X-UD3H-B3 Inno3D Ichill GTX660 8GB G.Skill RipjawsX 1600 
Hard DriveHard DriveOptical DriveCooling
Samsung 830 128GB WD black 500GB Liteon Coolermaster Hyper 212+ EVO 
OSMonitorPowerCase
Win 7 ultimate Samsung Syncmaster 932gwe+ OCZ ZT series 550W Coolermaster 410 
CPUMotherboardRAMHard Drive
1.67Ghz Atom stock 1GB DDR2 2 x 500GB Western Digital Cavier Blacks [RAID 1] 
CoolingOSPowerCase
stock DSM3.2 [built on linux] stock stock 
OtherOther
Synology DX510 Expansion unit 5 x 1TB WD Cavier Blacks in a RAID 6 
  hide details  
Reply
Going to be chaep
(16 items)
 
Wife's Rig
(12 items)
 
 
CPUMotherboardGraphicsRAM
i7-3770k Gigabyte GA-Z77X-UP5 TH MSI GTX460 G.Skill TridentX 2400 2 x 4GB 
Hard DriveHard DriveOptical DriveCooling
Plextor M5p 128GB 2 x WD 500GB Blues LG Prolimatech Megahalems Rev C 
CoolingOSMonitorPower
Arctic F12 CO PWM x 2 Push/Pull Windows 7 64 bit Ultimate LG IPS235V Corsair AX850 
Case
Coolermaster HAF 912 advanced (Asia version) 
CPUMotherboardGraphicsRAM
I5-3570K Gigabyte Z68X-UD3H-B3 Inno3D Ichill GTX660 8GB G.Skill RipjawsX 1600 
Hard DriveHard DriveOptical DriveCooling
Samsung 830 128GB WD black 500GB Liteon Coolermaster Hyper 212+ EVO 
OSMonitorPowerCase
Win 7 ultimate Samsung Syncmaster 932gwe+ OCZ ZT series 550W Coolermaster 410 
CPUMotherboardRAMHard Drive
1.67Ghz Atom stock 1GB DDR2 2 x 500GB Western Digital Cavier Blacks [RAID 1] 
CoolingOSPowerCase
stock DSM3.2 [built on linux] stock stock 
OtherOther
Synology DX510 Expansion unit 5 x 1TB WD Cavier Blacks in a RAID 6 
  hide details  
Reply
post #23 of 31
Just get Cisco Pix 506e or a 515 off ebay for $50. It is way more secure than any of those linux boxes and it will forward packets faster...as long as you are willing to learn how to configure it. If you want a hardware firewall, you should get a real one.

Good deal here, you just have to flash the password
http://www.ebay.com/itm/Cisco-PIX-515-Firewall-/251004378722?pt=LH_DefaultDomain_0&hash=item3a7106de62#ht_1630wt_1163
Edited by UsedPaperclip - 2/29/12 at 1:21pm
post #24 of 31
Quote:
Originally Posted by UsedPaperclip View Post

Just get Cisco Pix 506e or a 515 off ebay for $50. It is way more secure than any of those linux boxes and it will forward packets faster...as long as you are willing to learn how to configure it. If you want a hardware firewall, you should get a real one.
Good deal here, you just have to flash the password
http://www.ebay.com/itm/Cisco-PIX-515-Firewall-/251004378722?pt=LH_DefaultDomain_0&hash=item3a7106de62#ht_1630wt_1163

this or if your lucky you might find a Cisco ASA at a reasonable price.. i have found great deals on Cisco refurbished gear on Ebay thumb.gif

Ifact my whole networking test lab including servers for virtualization all came from Ebay smile.gifsmile.gif
Going to be chaep
(16 items)
 
Wife's Rig
(12 items)
 
 
CPUMotherboardGraphicsRAM
i7-3770k Gigabyte GA-Z77X-UP5 TH MSI GTX460 G.Skill TridentX 2400 2 x 4GB 
Hard DriveHard DriveOptical DriveCooling
Plextor M5p 128GB 2 x WD 500GB Blues LG Prolimatech Megahalems Rev C 
CoolingOSMonitorPower
Arctic F12 CO PWM x 2 Push/Pull Windows 7 64 bit Ultimate LG IPS235V Corsair AX850 
Case
Coolermaster HAF 912 advanced (Asia version) 
CPUMotherboardGraphicsRAM
I5-3570K Gigabyte Z68X-UD3H-B3 Inno3D Ichill GTX660 8GB G.Skill RipjawsX 1600 
Hard DriveHard DriveOptical DriveCooling
Samsung 830 128GB WD black 500GB Liteon Coolermaster Hyper 212+ EVO 
OSMonitorPowerCase
Win 7 ultimate Samsung Syncmaster 932gwe+ OCZ ZT series 550W Coolermaster 410 
CPUMotherboardRAMHard Drive
1.67Ghz Atom stock 1GB DDR2 2 x 500GB Western Digital Cavier Blacks [RAID 1] 
CoolingOSPowerCase
stock DSM3.2 [built on linux] stock stock 
OtherOther
Synology DX510 Expansion unit 5 x 1TB WD Cavier Blacks in a RAID 6 
  hide details  
Reply
Going to be chaep
(16 items)
 
Wife's Rig
(12 items)
 
 
CPUMotherboardGraphicsRAM
i7-3770k Gigabyte GA-Z77X-UP5 TH MSI GTX460 G.Skill TridentX 2400 2 x 4GB 
Hard DriveHard DriveOptical DriveCooling
Plextor M5p 128GB 2 x WD 500GB Blues LG Prolimatech Megahalems Rev C 
CoolingOSMonitorPower
Arctic F12 CO PWM x 2 Push/Pull Windows 7 64 bit Ultimate LG IPS235V Corsair AX850 
Case
Coolermaster HAF 912 advanced (Asia version) 
CPUMotherboardGraphicsRAM
I5-3570K Gigabyte Z68X-UD3H-B3 Inno3D Ichill GTX660 8GB G.Skill RipjawsX 1600 
Hard DriveHard DriveOptical DriveCooling
Samsung 830 128GB WD black 500GB Liteon Coolermaster Hyper 212+ EVO 
OSMonitorPowerCase
Win 7 ultimate Samsung Syncmaster 932gwe+ OCZ ZT series 550W Coolermaster 410 
CPUMotherboardRAMHard Drive
1.67Ghz Atom stock 1GB DDR2 2 x 500GB Western Digital Cavier Blacks [RAID 1] 
CoolingOSPowerCase
stock DSM3.2 [built on linux] stock stock 
OtherOther
Synology DX510 Expansion unit 5 x 1TB WD Cavier Blacks in a RAID 6 
  hide details  
Reply
post #25 of 31
Thread Starter 
Quote:
Originally Posted by UsedPaperclip View Post

Just get Cisco Pix 506e or a 515 off ebay for $50. It is way more secure than any of those linux boxes and it will forward packets faster...as long as you are willing to learn how to configure it. If you want a hardware firewall, you should get a real one.
Good deal here, you just have to flash the password
http://www.ebay.com/itm/Cisco-PIX-515-Firewall-/251004378722?pt=LH_DefaultDomain_0&hash=item3a7106de62#ht_1630wt_1163

i dont mind learning but right now I am looking for a solution because I dont have the time. I would like something simple to setup for my small network of workstations and servers. Later down the road when i expand I will buy something better.
OverKill
(18 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X6 1055T Gigabyte 890FXA ATI FirePro V3800 ATI FirePro V3800 
RAMHard DriveHard DriveOptical Drive
16gb GSkill 10666 Seagate Western Digital  LG Blue Ray 
CoolingOSMonitorMonitor
stock air 7 Pro 64 bit (2)22" Acer x223w (2)23" Acer G235H 
KeyboardPowerCaseMouse
Microsoft Wireless Antec 900watt Antec 300 Wacom Tablet 
Audio
Logitech Speakers and sub 
  hide details  
Reply
OverKill
(18 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X6 1055T Gigabyte 890FXA ATI FirePro V3800 ATI FirePro V3800 
RAMHard DriveHard DriveOptical Drive
16gb GSkill 10666 Seagate Western Digital  LG Blue Ray 
CoolingOSMonitorMonitor
stock air 7 Pro 64 bit (2)22" Acer x223w (2)23" Acer G235H 
KeyboardPowerCaseMouse
Microsoft Wireless Antec 900watt Antec 300 Wacom Tablet 
Audio
Logitech Speakers and sub 
  hide details  
Reply
post #26 of 31
Quote:
Originally Posted by UsedPaperclip View Post

Just get Cisco Pix 506e or a 515 off ebay for $50. It is way more secure than any of those linux boxes and it will forward packets faster...as long as you are willing to learn how to configure it. If you want a hardware firewall, you should get a real one.
Good deal here, you just have to flash the password
http://www.ebay.com/itm/Cisco-PIX-515-Firewall-/251004378722?pt=LH_DefaultDomain_0&hash=item3a7106de62#ht_1630wt_1163

What rolleyes.gif

Sorry but no ciscos are not more secure or faster rolleyes.gif They can be slower + less secure. Can.


The Speed + security is how you configure them, unless you include cve's then i think linux wins on security thumb.gif
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
post #27 of 31
Quote:
Originally Posted by Ulquiorra View Post

What rolleyes.gif
Sorry but no ciscos are not more secure or faster rolleyes.gif They can be slower + less secure. Can.
The Speed + security is how you configure them, unless you include cve's then i think linux wins on security thumb.gif

Oh, is that why 60% of the world use cicso firewalls and the other 25% use barracuda and sonicwall? I guess they just have good sales reps.

Linux has holes too. The firewall isnt usually the problem, its the exchange, sql, and web servers that get exploited.
Edited by UsedPaperclip - 3/1/12 at 10:20am
post #28 of 31
I have to agree with and disagree with both of the last 2 posts. Yes a Cisco can be less secure and slower, not all mind you. If you are speaking to the PIX line then absolutely yes. ASA's helped over come some of this. I can tell you for a fact that the PIX 535 and under once they hit 75% utilization drops to it's knees.
If my choice was building a linux firewall from scratch with todays hardware or a PIX, I would go with the linux build (just so you know I have had my PIX setting collecting dust for over 3 years now)

The statement about Linux having holes is true, but remember the underlying OS be it Cisco, Juniper, Sidewinder ... all are built on Linux or some Unix variation. While the ASA's have started to become more and more popular they are by far not the market holder. The ASA was the first firewall that Cisco actually made, all previous models were bought or acquired through mergers.
The Raven
(16 items)
 
  
CPUMotherboardGraphicsGraphics
i7-2600K Gigabyte GA-P67A-UD5-B3 EVGA GTX 570 SC EVGA GTX 570 SC 
RAMHard DriveOptical DriveCooling
16GB G.SKILL Ripjaws X 1866 Samsung 840 Pro  iHAS324 - Lite-On DVD-RW Noctua NH-D14 
OSMonitorMonitorKeyboard
Windows 10 ASUS VN248 ASUS VN248 Logitech G510 
PowerCaseMouse
XFX 850W BE SILVERSTONE RV02B-EW Logitech MX518 
  hide details  
Reply
The Raven
(16 items)
 
  
CPUMotherboardGraphicsGraphics
i7-2600K Gigabyte GA-P67A-UD5-B3 EVGA GTX 570 SC EVGA GTX 570 SC 
RAMHard DriveOptical DriveCooling
16GB G.SKILL Ripjaws X 1866 Samsung 840 Pro  iHAS324 - Lite-On DVD-RW Noctua NH-D14 
OSMonitorMonitorKeyboard
Windows 10 ASUS VN248 ASUS VN248 Logitech G510 
PowerCaseMouse
XFX 850W BE SILVERSTONE RV02B-EW Logitech MX518 
  hide details  
Reply
post #29 of 31
Quote:
Originally Posted by bratas View Post

I have to agree with and disagree with both of the last 2 posts. Yes a Cisco can be less secure and slower, not all mind you. If you are speaking to the PIX line then absolutely yes. ASA's helped over come some of this. I can tell you for a fact that the PIX 535 and under once they hit 75% utilization drops to it's knees.
If my choice was building a linux firewall from scratch with todays hardware or a PIX, I would go with the linux build (just so you know I have had my PIX setting collecting dust for over 3 years now)
The statement about Linux having holes is true, but remember the underlying OS be it Cisco, Juniper, Sidewinder ... all are built on Linux or some Unix variation. While the ASA's have started to become more and more popular they are by far not the market holder. The ASA was the first firewall that Cisco actually made, all previous models were bought or acquired through mergers.

There is no way that this guy will hit 75% usage even on a 501e. Its a small home business, anything over a 506e is overkill, an ASA is out of his budget I am sure, so a pix will do fine for him.
post #30 of 31
Thread Starter 
Quote:
Originally Posted by UsedPaperclip View Post

There is no way that this guy will hit 75% usage even on a 501e. Its a small home business, anything over a 506e is overkill, an ASA is out of his budget I am sure, so a pix will do fine for him.

Ha you doubt my usage! Lol. Just trying to figure where to start. I'd like a plug and play but I think I will use an old rig and try to learn pfsense and also install camando. I would just like to get one GUI based that was easy and expandable but the issue I am running into is all of them take experience and that is not what I have nor the time right now, but I need the security so I'm stumped.
OverKill
(18 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X6 1055T Gigabyte 890FXA ATI FirePro V3800 ATI FirePro V3800 
RAMHard DriveHard DriveOptical Drive
16gb GSkill 10666 Seagate Western Digital  LG Blue Ray 
CoolingOSMonitorMonitor
stock air 7 Pro 64 bit (2)22" Acer x223w (2)23" Acer G235H 
KeyboardPowerCaseMouse
Microsoft Wireless Antec 900watt Antec 300 Wacom Tablet 
Audio
Logitech Speakers and sub 
  hide details  
Reply
OverKill
(18 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X6 1055T Gigabyte 890FXA ATI FirePro V3800 ATI FirePro V3800 
RAMHard DriveHard DriveOptical Drive
16gb GSkill 10666 Seagate Western Digital  LG Blue Ray 
CoolingOSMonitorMonitor
stock air 7 Pro 64 bit (2)22" Acer x223w (2)23" Acer G235H 
KeyboardPowerCaseMouse
Microsoft Wireless Antec 900watt Antec 300 Wacom Tablet 
Audio
Logitech Speakers and sub 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security