|
Posted by Leythos on August 18, 2007, 7:44 am
If you were Registered and logged in, you could reply and use other advanced thread options
paul@spamcop.net says...
> I'm looking for a device to put at the edge of our network.
>
> I would want it to do the following:
>
> Act as a basic source/dest/protocol/action firewall to allow packets in
> and out to/from our servers.
> Have a minimum of 2 DMZ ports.
> Allow the internal and DMZ interfaces to work in either NAT or Route
> mode (selectable per interface).
> Have some sort of URL filtering via an external database i.e.
> Surfcontrol CPA/ISS
> Have the means to add/exclude entire domains from this filtering.
> Some level of IDS.
> A/V would be nice but not essential.
> Hardware appliance.
>
> The basic scenario is that outbound access for our LAN users would be
> handled by a proxy server on the LAN, so for outbound traffic (i.e.
> concurrent users) all this device would ever see would be the external
> IP of the proxy, as well as any traffic coming from our DMZ's.
>
> The internet connection will be 100mbps, though I anticipate average
> usage to be low, and bursty i.e. low average but when someone wants to
> download a large file it'll burst to as fast as we can get it.
>
> Because of this, and the fact that it won't have to handle connections
> from hundreds of of LAN machines I'm hoping to be able to look at a
> fairly low end box.
WatchGuard Firebox X755e - has up WAN, LAN, DMZ and you can add optional
5 other ports (as LAN, DMZ networks).
Does all that you ask above, good support, simple to learn, and if you
want GB network connections you can use the x1250e series.
--
Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
| 
XML site map