General discussion


Best SW firewall around??

By thebigbro1 ·
Greetings IT fellows!

I am going to learn about firewalls.
Can you recommend me a solid and respected SW firewall in IT industry to start with on Windows 2003 server. I want to download demo and install on SOHO network for testing purposes.

In other words : What sofwtare firewalls are popular today ?? Please advise

Thanks !

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

What do you want to protect?

by jbarchitect In reply to Best SW firewall around??

It depends on what you want to protect. Are you looking for a software firewall to run on the same server you are trying to protect? (i.e. its job would be to protect the server, not the network.)

Or are you looking for software to turn a server into a perimeter firewall to protect the network?

Collapse -

by thebigbro1 In reply to What do you want to prote ...

I want to implement a complete firewall solution (just like on the real networks) to protect whole LAN - firewall would be installed on the server machine tho.

Collapse -

ISA server coud be the solutions

by jrice In reply to

ISA Server 2003 would be the software of choice. Its a big learn and the configuration can be a chore but it does provide a complete solution that integrates well with other windows products such as exchange server. Be warned its not cheap

Collapse -

ISA is cool but..

by thebigbro1 In reply to ISA server coud be the so ...

I am also learning ISA now but I want to implement 3rd party firewall just like in a real IT environment.

ISA server does not seem to be popular (not in places I used to work there :)

Or perhaps SW firewalls are not popular anymore as people prefer to install solid HW firewalls?

Thanks for suggestions!

Collapse -

Kerio firewall

by Netspec In reply to ISA is cool but..


I found Kerio's firewalls quite good. Both the Server and Personal firewall are good and easy to implement, yet you have the possibility to implement fairly advanced features.

Kerio is found at

Collapse -

network planning

by apotheon In reply to

If you're running a network with both clients and servers, and the primary server on the network is the one you're planning to use as a firewall, I'm afraid you're doing things all wrong. The firewall for an entire LAN should never be the same machine as the machine(s) you want to protect. There's a certain amount of leeway to be had in terms of possibly combining a router or gateway with a firewall, but combining your firewall and a file server is just begging for trouble. It's not The Right Thing To Do.

Depending on the network size, your best bet might be to buy something like a Linksys or SMC firewall/router appliance. Such a dedicated piece of hardware is simple to set up and configure, extremely reliable (generally), and not as expensive as a new mid- to high-performance computer to use as a router/firewall.

Of course, if all you want to do is run a firewall, you can do so with a computer so old that you'd consider throwing it away otherwise. Get an old Pentium 166MHz machine with two NICs and install something like IPCop on it, and you've got an extremely configurable, extremely secure firewall. Linux makes for some of the best firewalls in the world, and IPCop is a Linux distribution optimized to be easy to set up, configure, and maintain as a firewall.

In fact, many firewall/router appliances you can buy at stores like Circuit City, Fry's, and CompUSA actually run embedded Linux.

Collapse -

the best firewall for beginner

by ou_peter In reply to Best SW firewall around??

i think it's's easy to define your configuration and achieve it's functions.

Collapse -

Yap. It?s a good SW Firewall and easy to manage!!!

by markinios In reply to the best firewall for beg ...

Even for any beginner it?s quite easy to setup and configure. I have it installed in my LAN and OF COURSE in all pc?s (ONly five) because of its way to work is at a personal LEVEL. Just try it.

Collapse -

SW Firewalls?

by DSC In reply to Best SW firewall around??

It is good to search for one that suits your needs, but shareware is not the way to go for anthing more than just testing. I have tried several myself and I have found that Outpost Firewall & Tiny Firewall are about the best on the market. Tiny firewall probably number one. Yes, I believe they have a demo version you may try. But, as far as stateful protection goes they are the best. Yes, I've tryied Symentec's client security, and other from well known makers. Although some offer good features none are as detail as the two I mentioned.

Collapse -

SW firewall really Enterprise Level????

by CG IT In reply to Best SW firewall around??

Misconception of what constitutes a Software Firewall and a hardware firewall. Personally, imo software firewalls should be categorized as consumer level/SOHO where the bugger is put on a computer directly connected to the internet [or like a consumer level router, has some form of port closing]. Windows XP firewall that is now a mandatory item with Service Pack 2 is a "software" firewall as well as Symantecs Norton Personall Firewall, or programs akin to these. Enterprise level firewalls on the other hand have far more configuration flexibility network level. Firewalls appliances like Cisco's PIX 501 a Symantec hardware firewall are examples but then you have to know how to configure it hense learning the software part of the hardware solution. ISA server is an Enterprise firewall software/hardware solution [if the admin is smart, they put ISA server on its own box]. It acts as a proxy server and a firewall. Works with Windows Based Active Directory for securing who can do what, when, where and with what workstation. Especially the newest version 2004 which can act as a perimeter firewall appliance/router/proxy for multiple network segments.

Security from the internet imo should be approached in a layered defense method. A perimeter defense: something that can close all ports until specifically opened; Network defense : allow/deny traffic at application, Network and data-link level; individual computer defense: allow deny workstation / user traffic.

Don't be fooled that a software firewall solution can be an Enterprise level solution. Enterprise level security solutions need to take in consideration multiple remote access users, site to site service level WAN communications, WAN connectivity fail-over, to mention just a few of a long list of enterprise WAN/LAN communications.

Related Discussions

Related Forums