Network Firewall Advice

I have two servers that I want to place in a collocated facility but I need to select a device (a managed switch I believe) to place in front of the servers to protect them from hacking attempts and route the appropriate traffic to the right machines based on IP and port.

I only need 4 LAN ports and 1 WAN port.

The setup will be something like the following:

Live Server (Win OS) Dev Server (Win OS)

Many public IPs to the router through one Ethernet cable.

I need to route the traffic through the device based on port and IP combined.

This device would also need to be very stable and have good connectivity on the local network (gigabit) since the servers transfer a lot of data amongst each other.

Simplicity of interface is also going to be a concern since I'm a programmer and not a networking guru. I can handle setting up routing tables on a very basic level, but anything Cisco is going to be out.

Cost is also another factor. My spending range for this device should not exceed $400.00.

I would prefer a smaller device so that I don't get charged for space from the co-lo company (not something that is rack mountable).

Thanks for your help!


Reply to

Not going to want much protection for your network/nodes then.

For that range of price you can't get much that would provide all that you want.

Reply to

I understand that it's a limited budget, but something is better than nothing. I see that there are many SonicWALLs in that price range on eBay. Will any of those devices work?

Reply to

If you get the key/software and a valid firmware for it.

Many devices sold on eBay are not fully functional - they are limited due to a key not being available or having very OLD firmware.

If you are going to protect a server group then spend the money it's worth and get a full/real appliance that will make your life easier. Many appliances in the $1900 range support many features that you'll want for supporting your network/nodes.

Reply to

Very few "managed switches" will "protect from hacking attempts".

Very few "managed switches" can do Network Address Translation (NAT). Some will do Policy Based Routing, but not until you are into the "Layer 3" or "Multilayer" switch range.

You are going to have a hard time finding a plain managed Layer 2 gigabit switch for $US400. With the other features you want, I think your only option in that price range would be to build your own from donated parts and count your time in programming and testing it as being "free".

Reply to
Walter Roberson

To elaborate on what Leythos said, what you won't pay in money you'll pay in research. You'll have to do a lot of asking questions & researching products on the web.

Some of those products are perfectly fine, but like Leythos said, a lot lack everything you need to get up and running & to relicense some of these devices will cost an arm and a leg.

Paying close attention to model numbers would be important as well. Some stuff on eBay is a few years old and cannot keep up with modern demands on throughput.

Lots of treasure to be found on eBay. But those treasures are surrounded by land mines. Lots of items are misrepresented in the product descriptions often because the seller simply doesn't know what he's got & can't be bothered to track down an accurate description.

For the bargain hunting tactic to work on eBay you have to be 100% sure beyond a shadow of a doubt what you will be receiving for your money.

Reply to
gray.wizard