Small Form Factor Firewall

Secure Home | Search | About

Lost Password?

Networking Firewalls

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

Small Form Factor Firewall

Will

09-27-2006

Re: Small Form Factor Firewall

mak

09-27-2006

Re: Small Form Factor Firewall

Leythos

09-27-2006

Posted by Will on September 27, 2006, 4:26 am

If you were Registered and logged in, you could reply and use other advanced thread options

Does anyone make a small form factor firewall that is manageable by a web
interface, with a rule based configuration similar in principle to
Checkpoint's, but is designed for individual computers or a very small
network? I'm interested in possibly putting a few of these in front of key
network management stations. Because of rootkit viruses, I no longer
believe that in what a software firewall's logs tell me. The rootkit can
simply hide network activity in the kernel and report back only what it
wants you to see. Because I would use these firewalls one per workstation,
I don't want to be spending $1K or $2K per box.

Some very desirable features:

1) A hard lockout on the firewall that would prevent any configuration
changes or administrative logins unless a button or knob were pressed.
Having a hard-wired read-only mode would prevent a trojan that sniffs your
keystrokes from doing much of use with the userid and password of the
external firewall.

2) Low cost, under $500/firewall.

3) GigE Support. These are being used on an internal network and I don't
want to sacrifice speed.

4) Support for mail alerts as well as alerting back to a GUI gadget on the
Windows desktop.

Are there any good options for this product?

--
Will

Posted by mak on September 27, 2006, 5:24 am

If you were Registered and logged in, you could reply and use other advanced thread options

Will wrote:

> Does anyone make a small form factor firewall that is manageable by a web

> interface, with a rule based configuration similar in principle to

> Checkpoint's, but is designed for individual computers or a very small

> network? I'm interested in possibly putting a few of these in front of key

> network management stations. Because of rootkit viruses, I no longer

> believe that in what a software firewall's logs tell me. The rootkit can

> simply hide network activity in the kernel and report back only what it

> wants you to see. Because I would use these firewalls one per workstation,

> I don't want to be spending $1K or $2K per box.

you could use a small soncwall (tz170)

> Some very desirable features:

> 1) A hard lockout on the firewall that would prevent any configuration

> changes or administrative logins unless a button or knob were pressed.

> Having a hard-wired read-only mode would prevent a trojan that sniffs your

> keystrokes from doing much of use with the userid and password of the

> external firewall.

it doesn't have a button but you can disable http/https managment on any
interface
(e.g. disable for inside/outside interface, enable for opt interface, if you
need to change config, connect with laptop
to opt interface or console)

> 2) Low cost, under $500/firewall.

i think they are about $400-500

> 3) GigE Support. These are being used on an internal network and I don't

> want to sacrifice speed.

not sure, check specs
http://www.sonicwall.com/products/index.html

> 4) Support for mail alerts as well as alerting back to a GUI gadget on the

> Windows desktop.

it can send mail alerts and I think syslogging

> Are there any good options for this product?

Posted by Leythos on September 27, 2006, 7:40 am

If you were Registered and logged in, you could reply and use other advanced thread options

usc@noemail.nospam says...