Application Firewalls That Inspect Protocols?

It has been a long time since I have needed a new firewall, and I would like some pointers on developing a short list for the following requirements:

  • Firewall should not only support rule-based processing on the usual variables (IP, UDP/TCP, Source and Target Port) but also be capable of inspecting the protocol traffic over the port. This would be to prevent someone from running a different protocol over an open firewall port.

  • Support a minimum of 30 IPs on the inside part of the firewall.

  • Extremely easy user interface, preferably using a native Windows application

  • Cost under K

If there is a good article reviewing these types of firewalls please supply the URL.

Reply to
W
Loading thread data ...

Have you looked into Fortigate Firewalls made by Fortinet yet? I really like them and there easy to set up and use through their web GUI or via the command line and they have great customer support. I just replaced an 8 year old Fortigate 200A at my company in exchange for a new Fortigate 300C from Fortinet because we were finally reaching the

200A's connection limits (300 users).. Im sure they offer a model that would fit your needs.
Reply to
1QKUSMC0311

I also forgot to add that the Fortinet offers an "entry level piece of hardware which is a Fortigate 30 "Security Appliance" but from me just looking at the specs on the 30 series, it may not be able to do all the advanced things that the 200 and 300 does. Id probably check with Fortinet first

LOL , one thing that I do know, is that if youre not opposed to buying a used one online, you can get a 200 or 300 series for cheap that will do more than youll ever think about doing on your network! We paid over $6000 for our new 300C (with a support contract) which is considered "mid level" but if youre trying to save money, I'm seeing a couple used 300C's online for just a little over $1000, or you get the

200 series under $1000 all day long. I know some companies (mine ecspedially) wont buy anything without a support/maintenance contract of atleast 1 year but thought its worth mentioning.
Reply to
1QKUSMC0311

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.