+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 22
Wireless Networks Thread, Firewall solution? in Technical; Our LEA will soon provide us with an incoming IP for some TS or Citrix connections so we need a ...
  1. #1
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,196
    Thank Post
    392
    Thanked 278 Times in 239 Posts
    Rep Power
    74

    Firewall solution?

    Our LEA will soon provide us with an incoming IP for some TS or Citrix connections so we need a firewall box.

    Anyone here running Cisco kit? I've been looking at the Cisco ASA 5505 and was wondering if anyone is using one.

    http://www.pcpro.co.uk/reviews/96040...-asa-5505.html

    http://www.cisco.com/en/US/products/...omparison.html

    We'll be allowing a limited number of incoming TS connections and maybe a few connections to our intranet. We only have a 10Meg incoming connection so i can't see it being under massive load.

    I notice that it is bundled with 2 SSL connection licences so i assume you have to buy extra (is this the case)

    Better suggestions?

    Cheers.

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,847
    Thank Post
    877
    Thanked 1,680 Times in 1,460 Posts
    Blog Entries
    12
    Rep Power
    444
    have you considered smoothwall? From what i have been told its very good.

  3. #3

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    I use a linux box running shorewall. However I will be looking at the smoothwall offering to see if it does what I want.

  4. #4
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,196
    Thank Post
    392
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    I'm open to options. I have some Linux skills but there is a possibility that i won't be around much longer and i don't want to leave the school managing with something that i've lashed together.

    I've haven't looked at smoothwall for a while i might take another look.

  5. #5

    Join Date
    Jan 2008
    Posts
    23
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Don;t know how much you want to spend, but have a look at a Netscreen 5GT.:-

    http://www.pcwb.com/catalogue/item/NETSCR31

    I've used various netscreens over the years. Pretty easy to configure, but very versatile if you need them to be.

    Rauf

  6. #6

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,517
    Thank Post
    1,494
    Thanked 1,050 Times in 919 Posts
    Rep Power
    302
    Smoothwall should be worth a good look at, or how about using an off the shelf wirewall / router device that has a WAN port such as one of the Netgears or Drayteks?

  7. #7
    Joedetic's Avatar
    Join Date
    Jan 2006
    Location
    Walsall
    Posts
    1,316
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    22
    Other open source options to consider are pfSense and m0n0wall. Both based on the BSD kernel as opposed to the Linux kernel.

    As the others have already mentioned Smoothwall is a good contender. Another Linux based offering would be IPCop.

    But yes an ASA or a PIX will do the job, and having used both I personally prefer working on ASAs but it's just preference. You might wish to consider whether a Cisco device is necessary when it might well be full of features you're not going to use, when a custom built box would do the job for a lot lower cost.

  8. #8
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,196
    Thank Post
    392
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    I can see what you're saying Joe i guess you just get that feeling of reliability from a Cisco box i'm sure smoothwall is a pretty good solution so i might give it a look.

    Any hardware recommendations?

    Anyone using Smoothwall to allow and secure incoming TS connections?

    Cheers.

  9. #9
    Ryan's Avatar
    Join Date
    Jan 2008
    Location
    Scotland
    Posts
    537
    Thank Post
    12
    Thanked 16 Times in 15 Posts
    Blog Entries
    1
    Rep Power
    29
    Semi-decent PC with ISA Server on it?

  10. #10

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,590
    Thank Post
    109
    Thanked 762 Times in 593 Posts
    Rep Power
    180
    @cookie_monster: Your concerns about your Linux skills disappearing are well raised. If you go down the Smoothwall route, you can go for the UTM appliance which provides a user-friendly interface and support for bother the hardware and software.

  11. #11


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Your concerns about your Linux skills disappearing are well raised.
    I disagree, if he puts in a Cisco box they advertise the job with cisco experience, if he puts in a linux box they advertise for linux experience.

    Anyone using Smoothwall to allow and secure incoming TS connections?
    not yet, currently we have a linux box doing it - but we have a schoolguardian which is only doing proxy filtering. We plan on moving the linux firewall over to smoothwall.

  12. #12

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,590
    Thank Post
    109
    Thanked 762 Times in 593 Posts
    Rep Power
    180
    Quote Originally Posted by CyberNerd View Post
    I disagree, if he puts in a Cisco box they advertise the job with cisco experience, if he puts in a linux box they advertise for linux experience.
    In an ideal world, yes... you and I both know that this is a school though! Either way, it would add an extra 10k to the pay

  13. #13
    torledo's Avatar
    Join Date
    Oct 2007
    Posts
    2,928
    Thank Post
    168
    Thanked 155 Times in 126 Posts
    Rep Power
    47
    Quote Originally Posted by cookie_monster View Post
    Our LEA will soon provide us with an incoming IP for some TS or Citrix connections so we need a firewall box.

    Anyone here running Cisco kit? I've been looking at the Cisco ASA 5505 and was wondering if anyone is using one.

    http://www.pcpro.co.uk/reviews/96040...-asa-5505.html

    http://www.cisco.com/en/US/products/...omparison.html

    We'll be allowing a limited number of incoming TS connections and maybe a few connections to our intranet. We only have a 10Meg incoming connection so i can't see it being under massive load.

    I notice that it is bundled with 2 SSL connection licences so i assume you have to buy extra (is this the case)

    Better suggestions?

    Cheers.
    You can purchase a ASA 5505 vpn bundle that comes with 10 ssl vpn licenses and supports up to 50 fw users. That's essentially a base configuration for the 5505. It'll probably be enough for what you need, the 5505 is entry-level and so doesn't have the prformance or some of the advanced features of the more expensive models i.e no virtual firewall feature with the 5505.

    Really depends on you're budget....but i'd recommend an ASA or one of the entry-level checkpoint firewalls.

  14. #14
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,196
    Thank Post
    392
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    I know a couple of local companies that have people who are familiar with Cisco kit so in an emergency they could help out neither support Linux solutions. Attracting skilled IT workers around here has been an issue in the past and asking for Linux skills as well might limit our choice even more.


    @ torledo, I was looking at a ASA 5505 but i'm thinking the 25 user limit might be an issue at some point. I might take a look at checkpoints offerings.


    We plan on moving the linux firewall over to smoothwall.
    I thought Smoothwall was a Linux based solution.

    Cheers.
    Last edited by cookie_monster; 13th March 2008 at 10:16 AM.

  15. #15

    Join Date
    Dec 2005
    Location
    Essex
    Posts
    85
    Thank Post
    7
    Thanked 5 Times in 5 Posts
    Rep Power
    18
    Id like to recommend IPCop

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Server 10.4 firewall
    By HodgeHi in forum Mac
    Replies: 2
    Last Post: 9th January 2008, 09:44 AM
  2. 2 networks, 1 firewall
    By Wizzer in forum Wireless Networks
    Replies: 10
    Last Post: 17th November 2006, 01:54 AM
  3. no firewall etc
    By ptrainor1 in forum Wireless Networks
    Replies: 15
    Last Post: 22nd October 2006, 09:34 PM
  4. Windows Firewall
    By GrumbleDook in forum Windows
    Replies: 16
    Last Post: 31st August 2005, 12:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •