Hi,
Are anyone here aware of a low cost(pref. less than 50$) software firewall for MS Server 2003? Before anyone suggests a seperate hardware solution, let me just say that it is not possible for us, we need to protect multiple servers which will not be in vicinity of each other, so we would need one for each server. Besides we dont have physical access to the servers, which are connected 'directly' to the internet. And no, we cant just use a linux server instead(not that we wouldnt like to).
Of the usual Microsoft services we will only be using terminal services for remote admin, most of the other services used will be our own programs, for this we need to specify rules only allowing specific IPs access to specific ports. We also need the firewall to not block the RDP connection during installation for obvious reasons.
We dont need any kind of application protection or similar, in fact we would rather be without any weird popups asking if this program will do this or that. We just need stateful packet filtering of incoming traffic, local programs can be trusted.
Ive had a look at Tiny Firewall Normal/Pro, which we probably could use(though a bit bloated), but they are too expensive(100$/200$). The CHX-I packet filter does what we need(albeit clumsily) but also costs too much(120$ per license). Outpost Pro is cheap but cannot be remotely managed from Remote Desktop.
Im frankly close to giving up and just use the built-in ICF(Internet Connection Firewall) in conjunction with IPSec ( to check traffic on the RDP port is from the correct range of IPs). But im not sure how bad the ICF is. For example does it work on the paradigm of blocking everything that is not specifically allowed or not? Can it handle a large volume of traffic/connections without hogging CPU and RAM? etc etc.
I really appreciate anyone taking the time to read this as well giving any answers.
PT