1. Home
  2. Networking Firewalls
  3. Firewall Selection Advice

Firewall Selection Advice

Good day. I'm starting a network consisting of 50 PCs through a satellite connection. I need a dedicated firewall which will be able to accomplish the following:

-MAC Filtering for hardlined machines (the wireless router can handle MAC filtering for wireless)

-Badwidth limits per MAC address for a specific time period

-Logs of all traffic

-Log specifically for bandwidth

-Blocking of some P2P processes, but not all (don't allow gaming but do allow skype, etc)

-DHCP

-Normal DoS protection, etc

-VPN is not important to us

Any advice? I'm finding tons of equipment out there, but I'm hoping to spend less than $200. I've seen ZyXEL ZyWALL 2 Plus, which looks good, but I'm not 100% convinced.

Thanks for your help.

Reply to
LTKaveman
Loading thread data ...

If wireless is involved, then you need to be posting to alt.internet,wireless to professionals that put those types of solutions together for clients.

>
Reply to
Mr. Arnold

This is a network for both wireless and wired machines.

Reply to
LTKaveman

So? They work with both types of solutions in the wireless NG as clients have wired/wireless solutions they need help with to implement, and they can give you better advise on a wire/wireless solution. That's what they do.

I can't say that you're posting to the wrong NG. But there are professionals over there that are just as savvy in wire/wireless FW solutions maybe even better than here. One thing they might say is keep the wireless out of the FW's trusted zone and not even get a wire/wireless FW appliance solution as an example and take another approach.

I frequent both NG(s).

Reply to
Mr. Arnold

Here is the cost figure to keep in mind: Between $50 and $100 in direct and indirect costs for EACH customer record inadvertently exposed.

Perimeter protection is not a place to skimp on costs.

JJ

Reply to
JJ

Less than $200 per seat or less than $200 TOTAL for the entire firewall solution??

Reply to
AMR

If it's less than $200 then it's not a firewall.

Reply to
Leythos

Hi,

ZyWALL2 Plus is perfect for less than 10 users network, but you are talking about 50 PCs in your network.

I think you have to think of ZyWALL 35 or even ZyWALL 70 for your network and I prefer that you go with UTM models for full Internet protection ( Anti-virus, Anti-Spam, IDS/IPS, Content filtering, firewalling .... etc) which is supported on ZyXEL ZyWALL UTM models like 5,35,70 and 1050.

Spider,

formatting link

Reply to
spider

And what happens when the load is increased....

My experience with ZyXel support is about the same as Dell support, sucks.

Reply to
Leythos

that's a ridiculous statement

Reply to
AMR

Responding to the original Question the Juniper SSG 5 (Netscreen) is a great choice for what you are wanting to do. It gives you Wireless with multiple SSIDs, IDS/IPS, client filtering, spam and virus filtering as well as IPSEC VPN termination.

It is going to cost you more than $200 but it is quite a bit cheaper than offerings from Cisco.

The other you you could consider is going with a product you could build from someplace like routerboard.com or on a software platform such as any linux distro and use IPTABLES. Moonwall would be something you would want to research of you were going to go the linux route.

Hope this helps.

Josh

formatting link

Reply to
joshobrien77

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.