Government Security
Network Security Resources

Jump to content

Photo

Firewall Device Advice

- - - - - server malware firewall ddos spam
  • Please log in to reply
2 replies to this topic

#1 jjj0923

jjj0923

    Private

  • Members
  • 2 posts

Posted 17 October 2010 - 04:56 AM

I'm looking for a firewall device for our office. We have a Verizon FIOS business line and I alreayd have a Microsoft ISA server in place primarily for natting, to keep out the basic riff-raff, allow ftp from certain IP and to do some address translation for a few webservers behind the firewall, however I'd like to get a firewall device to sit in front of the ISA box to block incoming email spam, DOS & DDos attacks, malware, etc.

I'd like to keep the price under $1,200 and the product should come with an update service to keep it updated with the latest signatures, etc

any recommendations? - VPN is not a requirement!

Jeff

#2 Marts McFly

Marts McFly

    Global Moderator

  • Colonel
  • 591 posts

Posted 17 October 2010 - 07:56 PM

It's a little tricky to buy an appliance that does both network firewalling and email content filtering on a budget.

Usually if you want a device sitting in front of your network filtering the crap out of incoming emails, you need to purchase an email filtering appliance. I've ran Barracuda's boxes before and they work, but they are very expensive (same goes for Cisco's IronPort). I don't think you will find an all-in-one appliance on that budget. How big is your environment? (How many users/servers do you need to protect?)

Are you saying that you don't have a firewall appliance on your network at present? Just the ISA? Hopefully you can get that changed soon because that's a pretty bad set up from a security stand-point (pending on what you are trying to protect of course).

Putting the budget aside. You could set up your own Linux firewall/spam filtering device. Both Smoothwall and Untangle can both be configured as firewalls and spam filters. These are free however you will need to know Linux pretty well.

One other solution might be is to sign up to an email content filtering service like MessageLabs. All of your emails get routed through their service and they are very good at blocking unwanted emails/malware + a lot of comparability and stat reports on your emails. (There are a variety of these providers around the place, it is a subscription fee and you pay per user's mailbox, but the beauty is you don't have any upfront costs for hardware and you don't have to worry about managing that service yourself).

Out of curiosity, do you run Exchange? Exchange 07 comes with a new Spam/Malware blocker (which I haven't had the change to try, might be worth looking in to if that is what you run).

To summarise, unless you configure a linux box as your gateway appliance, I don't think you will find an appliance on that budget to do everything you need. You might need to start looking outside of the box. If you give us some more info on your environment and what exactly you are trying to achieve/protect we might have some more ideas.
Certified Information Systems Security Professional (CISSP)

T: http://twitter.com/Marts_McFly

B: http://www.backtosecurity.com

#3 infiltrator

infiltrator

    Staff Sergeant

  • Sergeant Major
  • 421 posts

Posted 21 October 2010 - 07:08 PM

PFSense and Untangle would definitely be a good choice for a firewall.
However you will need to configure a separate box, in order to accommodate either one of them.
I haven't used PFSense, but I know from a fact that Untangle is very good.

Untangle can do IDPS, Web Filtering, Spam filtering and Virus filtering as well.
Note that some features you must pay in order to use.

http://www.untangle.com/Firewall





Also tagged with one or more of these keywords: server, malware, firewall, ddos, spam