Firewalls and SecurityThis is always and interesting topic. Especially since broadband connections have become increasingly used. Many commercial products have hit the market for the end user which claim to have firewalls (Linksys, D-Link, Netgear). Indeed they have that functionality and even offer parental controls or filters. If you go this route they do work. Keep in mind that you do not want to have public servers behind these devices. Yes they can be tweaked to do one box to offer one service like web. If you want to do it right look at a real firewall like Checkpoint's new SOHO appliances (Safe@Office 500 Series), CISCO Pix 500 Series, or Sonicwall SOHO3 or TZ 170, Watchguard Firebox, Nokia, Netscreen or many others. They all start around $500-$700 to protect 25 systems and go up in price from there topping out with the high end Netscreen devices which we feel are the absolute best. We personally like the Sonicwall devices for SOHO applications nd then the Checkpoint and Sonicwall appliances for the Small Businesses. Checkpoint has the best configuration and has been around a very long time. The new Sonicwall TZ 170 is catching up on that front. If that is out of your reach look at ZoneLabs ZoneAlarm personal Firewall (Checkpoint Software). It works great and even stops most of the annoying popups if configured to do so. We strongly encourage the use of appliance firewalls in combination with Zone Alarm if you need to lock down your systems. We offer services to do this for you. So why do we like appliance based firewalls. The answer is simple in no moving parts, no OS to keep secured and updated. Easy certification for HIPPA and Financial institutions.. So you were told that LINUX has a really good firewall for free. Yes, this is true. However LINUX also has the most posts to bugwatch and other security services. Do you really want to trust your security to a public domain source. Yes there are commercial software firewall products for Linux, but again the underlying OS is the issue as it is with Microsoft products and UNIX products and must be maintained. If you like LINUX for a choice, look at LEAF(http://www.leaf-project.org/) Appliances do have vulnerabilities and in most cases have easy firmware updates to close the holes. What about reporting. In all cases the appliances can send alerts and logs via email to you as well as to a SYSLOG program. SYSLOG is an old UNIX program that exists for every platform that records the log information that is sent to it. What about the Free Personal Firewall that comes with Windows XP SP2. Not bad for a start but all it can do is block inbound ports and is not very configurable. If you are looking for free personal firewalls look elsewhere like Kerio Personal Firewall, Outpost Firewall Free, Sygate Personal Firewall (if you can find it since Symantec bought it and killed it) and of course our favorite ZoneAlarm 6 free. Again if you are knowledgeable Try Core Security's Force. On the commercial side of personal firewalls is of course Zone Alarm Pro and ISS's BlackIce. Needless to say it is your choice on how secure you want to be. A single home computer would do well with just ZoneAlarm. For another top notch and also free personal firewall check out Core Security's Force (this product is not for novices). However a home network would do better with a cheap broadband router with simple rules and Network Address Translation. A small home business would do better with a small firewall appliance. Small to medium businesses can also use the same appliance or a larger one. Enterprise level is best handled by large multiple appliances with failover features. We can design and implement any of these solutions for you as can many other qualified security professionals. We hope you use our services.
Lorimer Network Research, Inc is an Information Technology Consulting Company based in Ouray County Colorado and serves clients in Ouray, Ridgway, Telluride, Montrose, Denver, Colorado Springs. Our local service covers Ouray County, Montrose County, Delta County, San Miguel County with highly qualified engineers who care deeply about our clients. |