General discussion

Locked

Opinions on Firewalls

By kashmeir63 ·
Hi,
I have a windows 2003 network. I currently have a cisco pix firewall that has started to give me some problems so I'm considering a different company for our firewall. Other than sonicwall is there another solid firewall someone has expirenece with and recommends? I'm looking for one that has a easy gui interface and can handle anti-virus. Any help would be appreciated. Thank You

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by secureplay In reply to Opinions on Firewalls

I would check out the former Netscreen, now part of Juniper Networks. We used to be a reseller (not any longer) and they have a nice GUI and a solid product. There is also Watchguard that integrates anti-virus. Remember that you are probably bound more by your external connection than the number of computers - a lot of people buy WAY TOO MUCH capability in the firewall compared to their public Internet access.

I would really not expect a firewall to be your anti-virus solution. Firewalls need to be fast and anti-virus solutions need to be thorough.

Security appliances are relatively inexpensive and in this case, specialization is better. Many of the AV appliances use the Sophos engine (which is a good product).

There is no way to avoid AV on the desktop. There are too many ways to get malicious code installed. Most of the major AV companies include a management solution for enterprise deployments. Depending on how large your installation is, you can use one of these for central management or sneaker-net the standard product. The main sensible use of an AV appliance is for outgoing email to ensure that your company is not a source for viruses (unprofessional, embarrassing, and worse). There are also AV solutions that work with your mail server.

For anti-virus, it is good to use a different vendor for any server or appliance solution than the desktop component. This will give you a better chance of picking up problems that may get past one of the machines. You should also run AV on your file servers - I have worked in offices where the file server became a "Typhoid Mary" - spreading the virus from PC to PC as quickly as the system admins were knocking it off of desktops.

Desktop firewall products are also a good "belt-and-suspenders" tool to use - even with a main firewall. They pick up a lot of malware and other things that a gateway firewall will not capture.

Steven B. Davis
http://www.playnoevil.com/ - blog

Collapse -

by kashmeir63 In reply to

Poster rated this answer.

Collapse -

by kashmeir63 In reply to Opinions on Firewalls

This question was closed by the author

Back to Security Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums