My personal preference would be a Cisco PIX 501. I happen to use a Cisco PIX 515-UR to protect my home T1. But the 501 works plenty
well (the reason I have the 515 is because I got it as partial payment for a consulting job).

Dennis


Mike Saunders wrote:
> I would like advice on protecting upwards of 10 clients on a Windows
> 2003 server where only 2 users require internet access My own home
> network is well provided for using a 4 port combined NAT
> switch/router/firewall (I have a Draytek 2600 which has a number of
> firewall features included).
>
> My initial thought would be to connect a similar router to one of the
> 16 ports on the switch that serves all 10 users and configure it to
> only allow the 2 users internet access. I would appreciate any
> comments on this and whether there would be better choice for the
> router (It would not need to include a switch for instance or act as a
> DHCP server although the Draytek does provide for a VPN as well)
> Ideally a similar router to the Draytek that had say 16 ports might be
> the answer and replace the existing switch with it but these seem to be
> hard to find
>
> Finally am I right in thinking that for a basic network it is a wise to
> keep the server software as simple as possible and invest in the
> external router for protection (ie avoiding ISA Server)
>
> Many thanks
>
> Mike

Dennis Willson wrote:

> My personal preference would be a Cisco PIX 501. I happen to use a
> Cisco PIX 515-UR to protect my home T1. But the 501 works plenty well
> (the reason I have the 515 is because I got it as partial payment for
> a consulting job).
>
> Dennis
>
>
> Mike Saunders wrote:
> > I would like advice on protecting upwards of 10 clients on a Windows
> > 2003 server where only 2 users require internet access My own home
> > network is well provided for using a 4 port combined NAT
> > switch/router/firewall (I have a Draytek 2600 which has a number of
> > firewall features included).
> >
> > My initial thought would be to connect a similar router to one of
> > the 16 ports on the switch that serves all 10 users and configure
> > it to only allow the 2 users internet access. I would appreciate
> > any comments on this and whether there would be better choice for
> > the router (It would not need to include a switch for instance or
> > act as a DHCP server although the Draytek does provide for a VPN as
> > well) Ideally a similar router to the Draytek that had say 16 ports
> > might be the answer and replace the existing switch with it but
> > these seem to be hard to find
> >
> > Finally am I right in thinking that for a basic network it is a
> > wise to keep the server software as simple as possible and invest
> > in the external router for protection (ie avoiding ISA Server)
> >
> > Many thanks
> >
> > Mike

I think this as also a 4 port device so is my approach re connecting
many more clients viable?

Thanks

Mike

Kinkie ha dimenticato di nuovo di cambiare il cite di inizio messaggio,
cosi` non potrete mai sapere che sta rispondendo a Dennis Willson:

> My personal preference would be a Cisco PIX 501. I happen to use a Cisco
> PIX 515-UR to protect my home T1. But the 501 works plenty well (the
> reason I have the 515 is because I got it as partial payment for a
> consulting job).

Juniper Networks Netscreen 5GT can also be a good choice. 4-ports HUB,
hundred-Mb/s or thereabout firewall, 40something Mb/s IPSEC VPN, Web-based
config interface and small form factor (comparable to the 501 iirc),
should actually be cheaper than the Pix gear (I could never stand
configuring them).

http://www.juniper.net/products/integrated/ns_hsc.html
http://www.juniper.net/products/inte...s_5series.html

Kinkie

Mike Saunders wrote:


> I think this as also a 4 port device so is my approach re connecting
> many more clients viable?

It is no problem cascading the switch that is built-in in the device with
the one that you use in you office anyway.

Wolfgang

Dennis Willson wrote:

> My personal preference would be a Cisco PIX 501. I happen to use a
> Cisco PIX 515-UR to protect my home T1. But the 501 works plenty well
> (the reason I have the 515 is because I got it as partial payment for
> a consulting job).
>
> Dennis
>
>
> Mike Saunders wrote:
> > I would like advice on protecting upwards of 10 clients on a Windows
> > 2003 server where only 2 users require internet access My own home
> > network is well provided for using a 4 port combined NAT
> > switch/router/firewall (I have a Draytek 2600 which has a number of
> > firewall features included).
> >
> > My initial thought would be to connect a similar router to one of
> > the 16 ports on the switch that serves all 10 users and configure
> > it to only allow the 2 users internet access. I would appreciate
> > any comments on this and whether there would be better choice for
> > the router (It would not need to include a switch for instance or
> > act as a DHCP server although the Draytek does provide for a VPN as
> > well) Ideally a similar router to the Draytek that had say 16 ports
> > might be the answer and replace the existing switch with it but
> > these seem to be hard to find
> >
> > Finally am I right in thinking that for a basic network it is a
> > wise to keep the server software as simple as possible and invest
> > in the external router for protection (ie avoiding ISA Server)
> >
> > Many thanks
> >
> > Mike



Or, check out the SonicWall firewall appliance, like the TZ series.
Not only are they easy to set up, they are fairly inexpensive as well,
and they can be expanded to allow VPN and other higher-end solutions...
Goldstar Software Inc.
Building on Btrieve(R) for the Future(SM)
Bill Bach
BillBach@goldstarsoftware.com
http://www.goldstarsoftware.com
*** Chicago: Pervasive.SQL Service & Support - March, 2006 ***
*** Chicago: Pervasive DataExchange Class - March, 2006 ***