Is Netgear FVS318 a "true" firewall?

I'm just a beginner in computer security in general and firewalls in particular (though I've spent quite a few years in IT in application development).

Netgear FVS318 is described as "True Firewall using Stateful Packet Inspection (SPI) and Intrusion Detection features, Denial of Service (DoS) attack protection, and VPN pass-through for extra security."

Will it (on its own) provide adequate protection for a small office with shared Internet access? Does it need to be complemented by anything else on the hardware side?

If user workstations run up-to-date anti-virus and anti-spyware software, is any other client side monitoring required?

TIA, Eugene

Reply to
Eugene F.

I'd also pick holes in this statement: "Intrusion Detection features".

Netgear (and Cisco) misuse the terminology.

If AV and Spyware are a concern I would point you to a more sophisticated solution, such as a Netscreen, Sonicwall, or Fortinet appliance (my fav is Sonicwall at the moment). Using the Sonicwall as an example, it has true Intrusion Prevention, Gateway AV which adds a nice second layer of AV (but you should always keep desktop/server AV as well), and anti-spyware (biggie for me at the moment).

Reply to
Mark

Err yeah I was agreeing with you actually :)

Reply to
Mark

Try looking at a product called Astaro Security Linux. It's available for download at [link].

More features than you could imagine, including application level proxies (the best thing any firewall can do), Stateful Packet Inspection (which by the way is an overused term for something which doesn't really yield much), Intrusion Protection, Spyware, Anti-Virus and the list goes on. It's based on hardened Suse Linux and you can install it in 15 minutes on any x86 box.

Mike

Reply to
Michael Seidner

The 318 is a NAT box with some firewall LIKE features. It does not protect the protected network from anything seeking to get out - such as if your local computer were to get an SMTP virus, one that spams the world using its own built-in SMTP engine, the 318 would not stop it from getting out and attacking the world.

A firewall has independent rules for inbound and outbound, it does not just ALLOW all outbound by default, nor does it allow inbound by default.

Many quality firewalls will know the difference between HTTP on port 80 and some non-HTTP session on port 80. None of the cheap devices for home users can do that.

Now, is it enough for a home user or small office, sure, you just need to know how to secure the OS on each system, understand the basics of true network and application security, and how to lock down the network and workstations against stupid/ignorant users running them.

Reply to
Leythos

"Eugene F." wrote in news:1119306325.139265.159530 @g47g2000cwa.googlegroups.com:

Me too and I am still a developer. The link should help you. I am still learning too.


A piece of hardware running NAT and SPI and some other FW like features doesn't make it a FW appliance. It's a simple NAT router. VPN is not FW software; it's an encryption protocol and rides on the TCP protocol that needs two valid end points hardware to hardware end points -- router to router in this case.

D-link, Linksys, Netgear, Belkin.

IDS are not FW software either but similar.

An appliance running true FW software will meet the specs for "what does a FW do".

WatchGuard, Cisco, Netscreen, SnapGear.

I should do the job as long as you don't do high risk things like port forwarding.

No not really.

What you really need is a Wallwatcher so you can review the router's logs with it and review the logs for inbound and outbound connections for dubious connections to possible remote IP(s).

A low-end FW appliance costs a few dollars more than the Netgear.

Duane :)

Reply to
Duane Arnold
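
Added example (not part of any post in this thread, and not Wallwatcher's or Netgear's code): a Python sketch of the log review suggested above, flagging allowed outbound connections that do not fit the office's expected services, including the self-mailing SMTP case raised earlier in the thread. The log line format, LAN range, mail relay address and allowed-egress list are all assumptions, and the sample log is constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample log in an assumed format (not the FVS318's own layout).
SAMPLE_LOG = """\
2005-06-20 09:14:02 ALLOW OUT TCP 192.168.0.12:1044 -> 203.0.113.25:80
2005-06-20 09:14:05 ALLOW OUT TCP 192.168.0.12:1045 -> 198.51.100.10:25
2005-06-20 09:14:07 ALLOW OUT TCP 192.168.0.31:2210 -> 203.0.113.77:25
2005-06-20 09:14:08 ALLOW OUT TCP 192.168.0.31:2211 -> 203.0.113.78:25
2005-06-20 09:14:09 ALLOW OUT TCP 192.168.0.31:2212 -> 192.0.2.140:25
2005-06-20 09:15:40 ALLOW OUT TCP 192.168.0.20:3301 -> 192.0.2.99:6667
2005-06-20 09:16:00 ALLOW OUT UDP 192.168.0.20:1029 -> 198.51.100.53:53
2005-06-20 09:16:11 DROP IN TCP 203.0.113.200:4431 -> 192.168.0.1:445
"""

LINE = re.compile(r"^(\S+ \S+) (ALLOW|DROP) (IN|OUT) (TCP|UDP) "
                  r"([\d.]+):(\d+) -> ([\d.]+):(\d+)$")

LAN = ipaddress.ip_network("192.168.0.0/24")           # assumed office LAN
MAIL_RELAYS = {ipaddress.ip_address("198.51.100.10")}  # assumed ISP mail relay
ALLOWED_EGRESS = {("TCP", 80), ("TCP", 443), ("UDP", 53), ("TCP", 25)}

def review(log_text, smtp_fanout=3):
    """Return {lan_host: [finding, ...]} for allowed outbound connections."""
    findings = defaultdict(list)
    smtp_peers = defaultdict(set)
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        _, action, direction, proto, src, _, dst, dport = m.groups()
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if action != "ALLOW" or direction != "OUT" or src_ip not in LAN:
            continue  # only traffic the router let out from a LAN host
        if (proto, int(dport)) not in ALLOWED_EGRESS:
            findings[src].append(f"unexpected service {proto}/{dport} to {dst}")
        elif dport == "25" and dst_ip not in MAIL_RELAYS:
            smtp_peers[src].add(dst)
            findings[src].append(f"direct SMTP to {dst} (not the mail relay)")
    for src, peers in smtp_peers.items():
        if len(peers) >= smtp_fanout:  # one host mailing many servers directly
            findings[src].append(f"SMTP fan-out to {len(peers)} servers")
    return dict(findings)

if __name__ == "__main__":
    for host, notes in sorted(review(SAMPLE_LOG).items()):
        print(host, *notes, sep="\n  ")
```

On a device that allows all outbound traffic by default, a review like this only reports after the fact; the same allow-list expressed as outbound rules on a firewall is what would actually block the traffic.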

I am not going to do anything. *IT* should do it. ;-)

Duane :)

Reply to
Duane Arnold

The way you quoted/replied makes it appear as though you are replying to me and not the user that posted the part that you are replying to.

When you quote and reply, you trim the part that isn't relevant, and you REPLY to the person that posts what you are replying to.

I didn't bring up IDS and such.

I agree with your statement about using a real firewall, but there is more to the firewall than just IDS and gateway AV:

1) Remove questionable content from HTTP sessions
2) Remove questionable attachments from inbound SMTP sessions
3) Ensure that the type of traffic is what's actually on the port
4) Limit outbound to the services you want outbound
5) Clear / detailed logs
6) A lot more things that NAT devices don't do.

Reply to
Leythos

Sorry, guess I was just overly sensitive about quoting since I've been spending time in the microsoft.public groups where very few know how to properly quote, that and it being a very long last three weeks on this project....

Reply to
Leythos

The small office that has FVS318 already installed does not have any internal web and/or mail servers.

Reply to
Eugene F.

That's malware, Trojans and things of that nature: the router cannot stop their outbound traffic from a machine, and they can circumvent and defeat things like AV(s) and anti-spyware and get out. The FVS318 has no means to stop that outbound traffic from a machine, until such time that you can locate and remove the compromise from a machine.

Duane :)

Reply to
Duane Arnold

As long as you protect the network against the INTERNAL users, it will be enough. If you run as Administrators on each workstation, if you use IE in default mode, if you don't apply service packs for XP/Office, if you don't run quality AV software, if your users are complete morons, you will not be protected.

Reply to
Leythos
