Best firewall "software" for Win2k3....

Discussion in 'OT Technology' started by Harry Caray, Aug 19, 2008.

  1. Harry Caray

    Harry Caray Fine purveyor of x.264, h.264 & TS HD-Video !!! HD

    Joined:
    Apr 19, 2001
    Messages:
    17,176
    Likes Received:
    5
    Location:
    MyCrews:4x4,SoCal,Tesla,EV's
    yeah, no PIX or other HW will be an option for this client so what SW is the best right now?

    Maybe a sweet little mATX with linux setup? or just Sygate or something ?

    Alot say ZoneAlarm but I'm kinda :ugh:. Have they gotten better in the last 4 years?
     
  2. 5Gen_Prelude

    5Gen_Prelude There might not be an "I" in the word "Team", but

    Joined:
    Mar 14, 2000
    Messages:
    14,519
    Likes Received:
    1
    Location:
    Vancouver, BC, CANADA
    Throw a router on there and call it a day. Don't let them jew out and not pony up 50 bucks for a router.
     
  3. EvanD

    EvanD Active Member

    Joined:
    Jul 12, 2004
    Messages:
    6,727
    Likes Received:
    2
    Location:
    Ottawa, Canada
    router != firewall


    I'd recommend Sygate personally...It's used quite extensively where I work and I'm impressed with it.
     
  4. cmsurfer

    cmsurfer ºllllllº

    Joined:
    Jun 6, 2003
    Messages:
    5,079
    Likes Received:
    0
    Location:
    NJ
    True, but SW firewalls are a royal pain in the ass... I think a router will be enough.
     
  5. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    Turn on the ICS/Firewall service.
     
  6. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    :ugh: No they aren't...

    ...they're a hell of a lot nicer than hardware firewalls, which all seem to require doctorate degrees to know how to set up policies. The Fortinet firewall in my office makes me want to claw my eyeballs out whenever I have to fuck with it.
     
  7. Harry Caray

    Harry Caray Fine purveyor of x.264, h.264 & TS HD-Video !!! HD

    Joined:
    Apr 19, 2001
    Messages:
    17,176
    Likes Received:
    5
    Location:
    MyCrews:4x4,SoCal,Tesla,EV's
    yeah, but doesn't the Win-Server firewall suck? no real way to lock it down?

    :rofl: at people saying a little dsl router is a firewall :ugh: yea.. tell Barracuda and Cisco that...
     
  8. HYBR|D

    HYBR|D Beep Beeeeee'p

    Joined:
    May 5, 2006
    Messages:
    2,009
    Likes Received:
    0
    Location:
    Ozz
    pctools firewall. It's free and is piss easy to use, but it also does what it is meant to also.
     
  9. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    It's the same firewall that Windows XP uses.
     
  10. Harry Caray

    Harry Caray Fine purveyor of x.264, h.264 & TS HD-Video !!! HD

    Joined:
    Apr 19, 2001
    Messages:
    17,176
    Likes Received:
    5
    Location:
    MyCrews:4x4,SoCal,Tesla,EV's
    yeah, and doesn't it suck?
     
  11. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    If you already have problems, yes it sucks. But malware can't send shit out through your network connection if it can't get in first, so while a two-way firewall is best, an incoming-only firewall will keep a clean computer clean.

    Anyway, I like Sygate Personal Firewall.
     
  12. 5Gen_Prelude

    5Gen_Prelude There might not be an "I" in the word "Team", but

    Joined:
    Mar 14, 2000
    Messages:
    14,519
    Likes Received:
    1
    Location:
    Vancouver, BC, CANADA
    :ugh: I don't think anyone said that. Having said that, it does a LOT of what a firewall does in its basic functions. You can do a lot of different things with a firewall that you can't with a router, but if you're thinking of a software solution then clearly we're not talking about high security.

    BTW, I run my server at home behind a little router and I have NO problems with this setup, so unless you're running numerous policies and/or have the traffic to support a proper firewall, I'm not sure why you're dismissing it.
     
  13. EvanD

    EvanD Active Member

    Joined:
    Jul 12, 2004
    Messages:
    6,727
    Likes Received:
    2
    Location:
    Ottawa, Canada
    You can't figure out how to set up a Fortigate? Cmon man it's like any other firewall for the most part.
     
  14. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    I'm not a "firewall guy"; it's not my core competency. I can handle it when a software firewall says "Program X wants to access xxx.xxx.xxx.xxx, do you want to allow or deny?", but the kinds of policies needed to allow communication between multiple subnets and load-balancing across two redundant internet connections make my head spin.
     
  15. EvanD

    EvanD Active Member

    Joined:
    Jul 12, 2004
    Messages:
    6,727
    Likes Received:
    2
    Location:
    Ottawa, Canada
    :mamoru: Yeah once you get into the knitty gritty with them it can start to become confusing. We use them extensively where I work..probably over 100 units right now. Being a UTM device they do everything OK but don't really do anything super well.
     
  16. Hate Crime

    Hate Crime Don't Hate OT Supporter

    Joined:
    Mar 12, 2006
    Messages:
    5,255
    Likes Received:
    0
    Location:
    Minnesota
    How much are you willing to spend?
     
  17. chips

    chips ...

    Joined:
    May 2, 2004
    Messages:
    3,755
    Likes Received:
    0
    Location:
    Phoenix, AZ
    look in to pfsense i just installed it on a system this weekend for home it rocks
     
  18. Bruticus

    Bruticus half dead OT Supporter

    Joined:
    Apr 10, 2004
    Messages:
    4,608
    Likes Received:
    0
    Location:
    Melbourne
    Sygate hasn't been updated in years and has been bought by Symantec and is now sort of included with the Norton internet security bundle of crap. I always liked it but I wouldn't put it on a clients machine.
     
  19. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    Best firewall for Win2K is... Linux. Get a router appliance.
     
  20. Cthalupa

    Cthalupa New Member

    Joined:
    May 5, 2006
    Messages:
    46,930
    Likes Received:
    0
    Location:
    Dallas, Texas
  21. Cthalupa

    Cthalupa New Member

    Joined:
    May 5, 2006
    Messages:
    46,930
    Likes Received:
    0
    Location:
    Dallas, Texas
    pfsense fails because snort won't work well on it though, meaning one of the best features of a true firewall (IDS/IPS) is unavailable
     
  22. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    He's not looking for an IDS. Slight overkill.
     
  23. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    We need a :stab: smiley.
     
  24. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    I tend to agree.
     
  25. Cthalupa

    Cthalupa New Member

    Joined:
    May 5, 2006
    Messages:
    46,930
    Likes Received:
    0
    Location:
    Dallas, Texas
    Setting up snort as an inline ips using just the public rules is pretty simple on several firewall appliances. Lots of extra protection, very little effort
     

Share This Page