Software firewall for Windows NT domain controllers

Archived from groups: comp.security.firewalls (More info?)

We are looking for a software firewall product that we can install on
our Windows NT primary and backup domain controllers. The "personal"
products almost work, but the few we have tried all seem to have some
flaw. We are looking for a product with roughly the same functionality
as Linux's IPTABLES (so, for example, we don't need e-mail or virus
scanning, or "application tampering" features, just an IP-based
firewall).

Is anyone using one they would recommend? Price is a factor, but we
are certainly willing to pay a reasonable amount.

Thanks in advance.
7 answers Last reply
More about software firewall windows domain controllers
  1. Archived from groups: comp.security.firewalls (More info?)

    "Rich Evans" <google@macrotex.net> wrote in message
    news:422494b1.0406152124.10a26d29@posting.google.com...
    > We are looking for a software firewall product that we can install on
    > our Windows NT primary and backup domain controllers. The "personal"
    > products almost work, but the few we have tried all seem to have some
    > flaw. We are looking for a product with roughly the same functionality
    > as Linux's IPTABLES (so, for example, we don't need e-mail or virus
    > scanning, or "application tampering" features, just an IP-based
    > firewall).
    >
    > Is anyone using one they would recommend? Price is a factor, but we
    > are certainly willing to pay a reasonable amount.
    >
    > Thanks in advance.

    Personally, I would use a hardware firewall appliance. That, or you could
    upgrade your NT servers to Windows 2000 or 2003 Server and make use of the
    built-in IPSec filtering functionality. It's kind of buried in the
    documentation, but every WinNT-based OS since 2000 has had fairly robust
    IPSec functionality. It just isn't particularly easy to find and/or
    configure. But, unfortunately, no... I don't know of any host-based firewall
    products that I would recommend for a server deployment... at least not any
    that I would considere to be low-cost. Let me know if you find one.

    Alec
  2. Archived from groups: comp.security.firewalls (More info?)

    "Alec" <alec@nospam.com> wrote in message news:<chaAc.1267$yt1.477@newssvr23.news.prodigy.com>...
    > "Rich Evans" <google@macrotex.net> wrote in message
    > news:422494b1.0406152124.10a26d29@posting.google.com...
    > > We are looking for a software firewall product that we can install on
    > > our Windows NT primary and backup domain controllers. The "personal"
    > > products almost work, but the few we have tried all seem to have some
    > > flaw. We are looking for a product with roughly the same functionality
    > > as Linux's IPTABLES (so, for example, we don't need e-mail or virus
    > > scanning, or "application tampering" features, just an IP-based
    > > firewall).
    > >
    > > Is anyone using one they would recommend? Price is a factor, but we
    > > are certainly willing to pay a reasonable amount.
    > >
    > > Thanks in advance.
    >
    > Personally, I would use a hardware firewall appliance. That, or you could
    > upgrade your NT servers to Windows 2000 or 2003 Server and make use of the
    > built-in IPSec filtering functionality. It's kind of buried in the
    > documentation, but every WinNT-based OS since 2000 has had fairly robust
    > IPSec functionality. It just isn't particularly easy to find and/or
    > configure. But, unfortunately, no... I don't know of any host-based firewall
    > products that I would recommend for a server deployment... at least not any
    > that I would considere to be low-cost. Let me know if you find one.
    >
    > Alec


    OK. Can anyone suggest a hardware firewall with the following
    qualities:

    * small and low power (similar to a home router)
    * firewall only (no need for routing, just IPTABLE-style INPUT
    filtering)
    * not more than $200

    A pc with linux installed is not an option since this is too big and
    draws too much power.

    Thanks.
  3. Archived from groups: comp.security.firewalls (More info?)

    In article <422494b1.0406170811.38cf2e45@posting.google.com>,
    google@macrotex.net says...
    [snip]
    > OK. Can anyone suggest a hardware firewall with the following
    > qualities:
    >
    > * small and low power (similar to a home router)
    > * firewall only (no need for routing, just IPTABLE-style INPUT
    > filtering)
    > * not more than $200
    >
    > A pc with linux installed is not an option since this is too big and
    > draws too much power

    I don't know of ANY firewall appliance on the market that costs under
    $200. About the only thing you can do is bid on ebay for one that has
    the features you want and hope you can get it cheaper.


    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  4. Archived from groups: comp.security.firewalls (More info?)

    Leythos <void@nowhere.com> wrote in news:MPG.1b3bbd1fcaec9cc398a654@news-
    server.columbus.rr.com:

    > In article <422494b1.0406170811.38cf2e45@posting.google.com>,
    > google@macrotex.net says...
    > [snip]
    >> OK. Can anyone suggest a hardware firewall with the following
    >> qualities:
    >>
    >> * small and low power (similar to a home router)
    >> * firewall only (no need for routing, just IPTABLE-style INPUT
    >> filtering)
    >> * not more than $200
    >>
    >> A pc with linux installed is not an option since this is too big and
    >> draws too much power
    >
    > I don't know of ANY firewall appliance on the market that costs under
    > $200. About the only thing you can do is bid on ebay for one that has
    > the features you want and hope you can get it cheaper.
    >
    >
    >

    What about linux on an old laptop? Sometimes pentium laptops sell on ebay
    in the $200 range. Power consumption would be low and they're fairly
    small.

    Bob
  5. Archived from groups: comp.security.firewalls (More info?)

    bob wrote:

    > What about linux on an old laptop? Sometimes pentium laptops sell on ebay
    > in the $200 range. Power consumption would be low and they're fairly
    > small.

    .... and it even comes with a built-in uniterruptable power supply

    ;-)

    Wolfgang
    --
    A foreign body and a foreign mind
    never welcome in the land of the blind.
    from 'Not one of us', (c) 1980 Peter Gabriel
  6. Archived from groups: comp.security.firewalls (More info?)

    "Rich Evans" <google@macrotex.net> wrote in message
    news:422494b1.0406170811.38cf2e45@posting.google.com...
    > "Alec" <alec@nospam.com> wrote in message
    news:<chaAc.1267$yt1.477@newssvr23.news.prodigy.com>...
    > > "Rich Evans" <google@macrotex.net> wrote in message
    > > news:422494b1.0406152124.10a26d29@posting.google.com...
    > > > We are looking for a software firewall product that we can install on
    > > > our Windows NT primary and backup domain controllers. The "personal"
    > > > products almost work, but the few we have tried all seem to have some
    > > > flaw. We are looking for a product with roughly the same functionality
    > > > as Linux's IPTABLES (so, for example, we don't need e-mail or virus
    > > > scanning, or "application tampering" features, just an IP-based
    > > > firewall).
    > > >
    > > > Is anyone using one they would recommend? Price is a factor, but we
    > > > are certainly willing to pay a reasonable amount.
    > > >
    > > > Thanks in advance.
    > >
    > > Personally, I would use a hardware firewall appliance. That, or you
    could
    > > upgrade your NT servers to Windows 2000 or 2003 Server and make use of
    the
    > > built-in IPSec filtering functionality. It's kind of buried in the
    > > documentation, but every WinNT-based OS since 2000 has had fairly robust
    > > IPSec functionality. It just isn't particularly easy to find and/or
    > > configure. But, unfortunately, no... I don't know of any host-based
    firewall
    > > products that I would recommend for a server deployment... at least not
    any
    > > that I would considere to be low-cost. Let me know if you find one.
    > >
    > > Alec
    >
    >
    > OK. Can anyone suggest a hardware firewall with the following
    > qualities:
    >
    > * small and low power (similar to a home router)
    > * firewall only (no need for routing, just IPTABLE-style INPUT
    > filtering)
    > * not more than $200

    Wow! You can put that low a price on your network security?

    Dig deeper and buy a Watchguard Firebox. Try a SOHO 6. You will not regret
    it.

    Do not use a software firewall on a server.
  7. Archived from groups: comp.security.firewalls (More info?)

    On Thu, 17 Jun 2004 19:37:26, bob <Jwx1.nothing@bellsouth.net> wrote:

    > >> A pc with linux installed is not an option since this is too big and
    > >> draws too much power
    >
    > What about linux on an old laptop? Sometimes pentium laptops sell on ebay
    > in the $200 range. Power consumption would be low and they're fairly small.

    A PC will have room for two network cards (one for LAN, one for WAN).
    A laptop may have room for two "thin" PCMCIA network-cards,
    or one "built-in" NIC and one PCMCIA NIC, if you can get Linux drivers
    for the NICs.
Ask a new question

Read More

Firewalls Domain Software Windows NT Networking