Firewall

0 Votes
Locked

arief
I'm looking for a firewall solution for my network. Right now we have a router that was provided by the ISP, then a firewall (3Com OfficeConnect); after the firewall is the main router (Cisco 2600) that is our gateway and DHCP. Our network is made of several subnets.
All (about 90) workstations are XP Pro, with a Windows 2000 Server as domain controller and several other servers (2000 servers and an AIX server). Because of the 3 subnets, I cannot use NAT in the firewall, and I don't know if there is a way to get the DHCP table of the Cisco router. So all traffic thru the firewall shows up as one IP in firewall reports. I would like to have reports on web usage. I'm not for policing users, but there are some employees that abuse the web usage. I have no way of proving single-user abuse, since all workstations show up as one IP (that is the Cisco router). I have different groups of users. All users have to have email; some have unfiltered access to the web, some limited usage thru domain policy enforcement (that is not perfect, since every once in a while I find out for some reason the policy is not applied and have to reset the limit IE policy on each workstation). I'm looking for a method that can report based on users. My budget is limited to less than $1000.
Thanks

    0 Votes
    CG IT

    stick it in front of the 2600 and dump the 3Com.

    have your ISP put in an ethernet port at the demarc point where you can just port in on ethernet. [what do you have? a T1? or what internet connection?]

    PIX will do what you want.

    OR go get ISA server as your firewall proxy server at the perimeter and use GFI web monitor for ISA. GFI will generate reports by both user name, workstation, and what sites they visit.

    ISA 2004 creates its own reports but GFI has more detail. ISA reports are summary.

    there are probably other 3rd party solutions but those are the ones I'm familiar with.

    0 Votes
    jamesatmaisonverre

    unix server

    0 Votes
    ianr

    Hi Arie-
    Your big issue is your $1000 limit. There are several products out there that can do what you are looking for, and I have a preference for the Juniper NetScreen firewalls. The PIX or ASA from Cisco is difficult to configure but is also a decent option. The other players in your price range are SonicWall and WatchGuard. I like the SonicWall and WatchGuard for your price range, but I am not familiar with what their current pricing looks like. All but the Cisco I am very familiar with, and you can pull some nice reports out of them to find out what specific users are doing, but it's work to understand the reports from different vendors. A Linux server with firewall software would work for you in your price range, but I am not a big fan of firewalls that need to go to an OS.

    0 Votes
    gtrtech

    I'm also looking for a new solution. My company has the SonicWall and I guess it's ok, but I hate the McAfee enforced client on it. It's very unstable and doesn't pick up as much as other virus programs. They also get you on the license upgrades. Every time I turn around I'm having to put out $500-$1000 on license renewals.
