Registered users    
MembershipMembership:
Latest New UserLatest:Abdul Abdul-Rahman
New TodayNew Today:7
New YesterdayNew Yesterday:11
User CountOverall:23332
Private messaging    
You must be logged in to use this module.
Top 10 posters    
NamePosts
Mariette Knap12895
Marina Roos12523
Eriq Neale2114
Michael Patrick1913
Stan Guinn1913
Robert Pearman1771
Nick Pieters1425
Stewart Brown616
william warren601
Kevin D.579
Welcome unauthorized visitor    
If you want to join us in the discussions on this forum you need to register first. Registration is free! If you are already a registered user please login to join the forum.
Small Business Server Support Forum    
Forums > Microsoft Small Business Server 2008 > Small Business Server 2008 Standard
Subject: Hardware Firewall
Prev Next
You are not authorized to post a reply.

Page 2 of 2 << < 12
Author Messages
Brian Mayo User is Offline
Along the shoreline of New England
Member since
6/22/2005

Registered Users
Posts: 317
7/21/2008 05:37 PM  
Posted By Mike Edwards on 7/07/2008 02:10 PM
 
I was thinking of looking at the Cisco Pix 501 devices are there others worth looking at ?
I usually do SBS setups with single NIC..behind a router/NAT.  Lately I've been leaning more towards UTM appliances...Unified Threat Management.  They do more than just NAT....they add deep SPI, intrusion detection, antivirus scanning, SPAM filtering, protocol control, application firewall, etc etc.
 
A few years ago I started using Endian at some clients...
http://www.endian.com/en/
 
I've been using Untangle lately...much more impressed with that package...VERY robust....
http://www.untangle.com/
 
In addition....I use a smart host for their e-mail..so I setup ACLs so that port 25 is only accepting connections from the range of mail servers at their mail host...instead of wide open to the world.
susantha silva User is Offline
United Kingdom
Member since
6/7/2005

Registered Users
Posts: 90
8/05/2008 04:36 PM  
Going back to the initial request I recommned to go woth CheckPoint Safe@office 500 or FortiGate 100A hardware box. Both these products are supporting AV, SPAM, web filtering, IPS/IDS at the gateway level. We’ve deplyed those devices in SMB market as well as mid enterprise companies.
 
 
The above links will give an idea about the boxes and it’t features.
Eric Collier User is Offline
United States
Member since
5/12/2005

Platinum Membership
Posts: 43
8/07/2008 07:52 PM  
I have been using Untangle too. It has been very robust and has actually sped up browsing for the end user. I have been extremely impressed with it so far.

Thought I'd add my $.02.

Eric
Kieran Mann User is Offline
United Kingdom
Member since
1/15/2007

Registered Users
Posts: 95
8/31/2008 07:36 PM  
I've just ordered a WatchGuard Firebox Edge UTM Firewall (http://www.watchguard.com/products/edge-e.asp) which looks really cool. Come's with wireless built-in, WAN failover, RADIUS support and the whole UTM bundle. We are going to put it between the modem and the server. Alos supports zero-day attacks with signature updates.

Also have looked into Untangle and it looks pretty good - may implement it as my second firewall although was wondering if it runs as an app. as shown in one of the demos or installs under its own OS as stated on the requirements page.
 
Kieran.
william warren User is Offline
United States
Member since
12/8/2005

Registered Users
Posts: 601
8/31/2008 09:12 PM  
I would take a look at Astaro as well.
Registered Microsoft Partner
Eriq Neale User is Offline
Texas, USA
Member since
5/3/2005

Microsoft MVP
Posts: 2114
9/07/2008 06:27 PM  
Kieran -

I used a WatchGuard Firebox Edge for the first couple of years I had my business open and dropped it in favor of a SonicWall TZ180, then dropped that for a Calyptix. The WatchGuard caused us all kinds of connectivity trouble (esp with our hosted VoIP system) that went away with the SonicWall. The SonicWall caused such a significant hit on throughput, though, with the UTM features were enabled. The Calyptix has been rock solid for us and has a number of features that neither the SonicWall or the WatchGuard have.

For the near term, I'm going to be recommending three different firewall units for my clients, depending on their needs. I'll be going with the Calyptix as the high-end solution for larger shops and those sites with specific UTM and access control needs. I'll be recommending the SecureComputing SG300 for smaller sites that don't have complex access control needs and where cost is a factor. I'll also be looking at the Netgear ProSafe models for those sites where cost is a factor that cannot be overcome ($150 for a basic firewall that has egress filtering that works pretty well isn't bad).

HTH...

-Eriq
Eriq Neale - Small Business Specialist, SBS MVP, Mac Guru
EON Consulting LLC www.eonconsulting.net
Lead Author of Windows Small Business Server 2008 Unleashed
In bookstores December 10, available for pre-order now
Listen to eOnCall at AIRtunZ or visit www.eoncall.com.
Kieran Mann User is Offline
United Kingdom
Member since
1/15/2007

Registered Users
Posts: 95
9/09/2008 03:04 PM  
Hi, yeah I've just recieved the Firebox Edge but half thinking of returning it as many people are saying it causes issues with the 2wire router. The router already has a built-in firewall albeit not as "feature-full" as the Firebox but i'm sure it can protect against DDOS, DOS, Port Scan etc. without the antivirus, antispam UTM stuff. Plus it saves me over $1500.
 
Thanks for the information,
 
Kieran.
william warren User is Offline
United States
Member since
12/8/2005

Registered Users
Posts: 601
9/12/2008 09:55 PM  
This thread has been quite informative about the firewall market as well..
Registered Microsoft Partner
Tony Krijnen User is Offline
The Netherlands
Member since
1/24/2006

Registered Users
Posts: 2
10/03/2008 10:09 PM  
Here's what I'm looking for in a new hardware firewall for my Small Business customers. It has to be reasonable priced and it has to be a two way firewall. That means filtering incoming packets to the network (forwarding the correct ones to the SBS 2008 server) as well as filtering the outgoing packets.
I think that it is important that you can create rules on the outgoing traffic. Why? Let me give you one example: A customer of mine had a small network with a SBS in 1 NIC config. She had a nasty trojan on her PC that had started his own SMTP server and was sending out loads of spam. The result was that in two days her outside IP address got listen on Spamcops etc. and now all outgoing mail was bounced back because of that.
So if anyone has any suggestions on what devices have this functionality? The regular LinkSys / D-Link routers won't do outside filtering as far as I know.

Thanks! Tony.
william warren User is Offline
United States
Member since
12/8/2005

Registered Users
Posts: 601
10/05/2008 02:57 AM  
untangle.com does this, astaro does this, several Linux firewall distros fit this bill..
Registered Microsoft Partner
You are not authorized to post a reply.
Page 2 of 2 << < 12
Forums > Microsoft Small Business Server 2008 > Small Business Server 2008 Standard > Hardware Firewall


ActiveForums 3.7
Forum policy    
These Discussion Forums are dedicated to the discussion of the Small Business Server and related server and client software. For the benefit of the community please observe the following posting guidelines:
  1. No Advertising. This includes promotion of commercial products and non-commercial products which are not directly related to Small Business Server and related server and client software.
  2. No Flaming or Trolling.
  3. No Profanity, Racism, or Prejudice.
  4. Site Moderators have the final word on approving/removing a thread or post or comment.
Copyright 2002-2008 Concentrix b.v.    :   Page generated in 0.3437522 seconds.   :   Terms Of Use   :   Privacy Statement