Firewall/Networking advice wamted - Network

This is a discussion on Firewall/Networking advice wamted - Network ; I would like advice on protecting upwards of 10 clients on a Windows 2003 server where only 2 users require internet access My own home network is well provided for using a 4 port combined NAT switch/router/firewall (I have a ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Firewall/Networking advice wamted

  1. Firewall/Networking advice wamted

    I would like advice on protecting upwards of 10 clients on a Windows
    2003 server where only 2 users require internet access My own home
    network is well provided for using a 4 port combined NAT
    switch/router/firewall (I have a Draytek 2600 which has a number of
    firewall features included).

    My initial thought would be to connect a similar router to one of the
    16 ports on the switch that serves all 10 users and configure it to
    only allow the 2 users internet access. I would appreciate any
    comments on this and whether there would be better choice for the
    router (It would not need to include a switch for instance or act as a
    DHCP server although the Draytek does provide for a VPN as well)
    Ideally a similar router to the Draytek that had say 16 ports might be
    the answer and replace the existing switch with it but these seem to be
    hard to find

    Finally am I right in thinking that for a basic network it is a wise to
    keep the server software as simple as possible and invest in the
    external router for protection (ie avoiding ISA Server)

    Many thanks

    Mike

  2. Re: Firewall/Networking advice wamted

    My personal preference would be a Cisco PIX 501. I happen to use a Cisco PIX 515-UR to protect my home T1. But the 501 works plenty
    well (the reason I have the 515 is because I got it as partial payment for a consulting job).

    Dennis


    Mike Saunders wrote:
    > I would like advice on protecting upwards of 10 clients on a Windows
    > 2003 server where only 2 users require internet access My own home
    > network is well provided for using a 4 port combined NAT
    > switch/router/firewall (I have a Draytek 2600 which has a number of
    > firewall features included).
    >
    > My initial thought would be to connect a similar router to one of the
    > 16 ports on the switch that serves all 10 users and configure it to
    > only allow the 2 users internet access. I would appreciate any
    > comments on this and whether there would be better choice for the
    > router (It would not need to include a switch for instance or act as a
    > DHCP server although the Draytek does provide for a VPN as well)
    > Ideally a similar router to the Draytek that had say 16 ports might be
    > the answer and replace the existing switch with it but these seem to be
    > hard to find
    >
    > Finally am I right in thinking that for a basic network it is a wise to
    > keep the server software as simple as possible and invest in the
    > external router for protection (ie avoiding ISA Server)
    >
    > Many thanks
    >
    > Mike


  3. Re: Firewall/Networking advice wamted

    Dennis Willson wrote:

    > My personal preference would be a Cisco PIX 501. I happen to use a
    > Cisco PIX 515-UR to protect my home T1. But the 501 works plenty well
    > (the reason I have the 515 is because I got it as partial payment for
    > a consulting job).
    >
    > Dennis
    >
    >
    > Mike Saunders wrote:
    > > I would like advice on protecting upwards of 10 clients on a Windows
    > > 2003 server where only 2 users require internet access My own home
    > > network is well provided for using a 4 port combined NAT
    > > switch/router/firewall (I have a Draytek 2600 which has a number of
    > > firewall features included).
    > >
    > > My initial thought would be to connect a similar router to one of
    > > the 16 ports on the switch that serves all 10 users and configure
    > > it to only allow the 2 users internet access. I would appreciate
    > > any comments on this and whether there would be better choice for
    > > the router (It would not need to include a switch for instance or
    > > act as a DHCP server although the Draytek does provide for a VPN as
    > > well) Ideally a similar router to the Draytek that had say 16 ports
    > > might be the answer and replace the existing switch with it but
    > > these seem to be hard to find
    > >
    > > Finally am I right in thinking that for a basic network it is a
    > > wise to keep the server software as simple as possible and invest
    > > in the external router for protection (ie avoiding ISA Server)
    > >
    > > Many thanks
    > >
    > > Mike


    I think this as also a 4 port device so is my approach re connecting
    many more clients viable?

    Thanks

    Mike

  4. Re: Firewall/Networking advice wamted

    Kinkie ha dimenticato di nuovo di cambiare il cite di inizio messaggio,
    cosi` non potrete mai sapere che sta rispondendo a Dennis Willson:

    > My personal preference would be a Cisco PIX 501. I happen to use a Cisco
    > PIX 515-UR to protect my home T1. But the 501 works plenty well (the
    > reason I have the 515 is because I got it as partial payment for a
    > consulting job).


    Juniper Networks Netscreen 5GT can also be a good choice. 4-ports HUB,
    hundred-Mb/s or thereabout firewall, 40something Mb/s IPSEC VPN, Web-based
    config interface and small form factor (comparable to the 501 iirc),
    should actually be cheaper than the Pix gear (I could never stand
    configuring them).

    http://www.juniper.net/products/integrated/ns_hsc.html
    http://www.juniper.net/products/inte...s_5series.html

    Kinkie

  5. Re: Firewall/Networking advice wamted

    Mike Saunders wrote:


    > I think this as also a 4 port device so is my approach re connecting
    > many more clients viable?


    It is no problem cascading the switch that is built-in in the device with
    the one that you use in you office anyway.

    Wolfgang

  6. Re: Firewall/Networking advice wamted

    Dennis Willson wrote:

    > My personal preference would be a Cisco PIX 501. I happen to use a
    > Cisco PIX 515-UR to protect my home T1. But the 501 works plenty well
    > (the reason I have the 515 is because I got it as partial payment for
    > a consulting job).
    >
    > Dennis
    >
    >
    > Mike Saunders wrote:
    > > I would like advice on protecting upwards of 10 clients on a Windows
    > > 2003 server where only 2 users require internet access My own home
    > > network is well provided for using a 4 port combined NAT
    > > switch/router/firewall (I have a Draytek 2600 which has a number of
    > > firewall features included).
    > >
    > > My initial thought would be to connect a similar router to one of
    > > the 16 ports on the switch that serves all 10 users and configure
    > > it to only allow the 2 users internet access. I would appreciate
    > > any comments on this and whether there would be better choice for
    > > the router (It would not need to include a switch for instance or
    > > act as a DHCP server although the Draytek does provide for a VPN as
    > > well) Ideally a similar router to the Draytek that had say 16 ports
    > > might be the answer and replace the existing switch with it but
    > > these seem to be hard to find
    > >
    > > Finally am I right in thinking that for a basic network it is a
    > > wise to keep the server software as simple as possible and invest
    > > in the external router for protection (ie avoiding ISA Server)
    > >
    > > Many thanks
    > >
    > > Mike




    Or, check out the SonicWall firewall appliance, like the TZ series.
    Not only are they easy to set up, they are fairly inexpensive as well,
    and they can be expanded to allow VPN and other higher-end solutions...
    Goldstar Software Inc.
    Building on Btrieve(R) for the Future(SM)
    Bill Bach
    BillBach@goldstarsoftware.com
    http://www.goldstarsoftware.com
    *** Chicago: Pervasive.SQL Service & Support - March, 2006 ***
    *** Chicago: Pervasive DataExchange Class - March, 2006 ***

+ Reply to Thread