|
Posted by Duane Arnold on April 15, 2005, 9:05 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> I need to get a firewall for a business using a small (very small)
> network using an NT4 server for file and printer sharing. They
> recently got broadband internet service using a D-Link DI-604 router
> (provided by the dish-network ISP.) I believe the router has some
> firewall capabilities, and does have a setting for additonal (I'm
> guessing) firewall filtering. I'm thinking of putting software
> firewalls on the client computers (three) and would the server also
> need one? Any thoughts or suggestions greatly appreciated. TIA.
>
You should have them get a low-end WatchGuard SOHO 6 Firebox or some
similar FW appliance like Sonicwall, Snapgear, etc, etc, to replace the D-
Link NAT router then you will not need to supplement the NAT Router (with
no FW) with any host based FW solution running on a machine. That D-link
NAT router is just that a NAT router with FW like features but is not a
real FW. On the other hand, the D-link is most likely good enough for a
small LAN satiation and high risk things are not being done like port
forwarding on the router.
And you can supplement the NAT router with a PFW solution on the
workstations. As for the NT4 server, you should try to harden the O/S to
attack by shutting down unneeded services on the machine and other things
like locking down the registry, using NTFS ect, ect. You should consider
not installing a host based FW software on the server as it would be
sucking up needed resources.
The link should also help you in your FW selection process.
http://www.more.net/technical/netserv/tcpip/firewalls/
Duane :)
| 
XML site map