Software firewall for Windows NT domain controllers

[Guest]

Archived from groups: comp.security.firewalls (More info?)

We are looking for a software firewall product that we can install on
our Windows NT primary and backup domain controllers. The "personal"
products almost work, but the few we have tried all seem to have some
flaw. We are looking for a product with roughly the same functionality
as Linux's IPTABLES (so, for example, we don't need e-mail or virus
scanning, or "application tampering" features, just an IP-based
firewall).

Is anyone using one they would recommend? Price is a factor, but we
are certainly willing to pay a reasonable amount.

Thanks in advance.

 

[Alec]

Archived from groups: comp.security.firewalls (More info?)

"Rich Evans" <google@macrotex.net> wrote in message
news:422494b1.0406152124.10a26d29@posting.google.com...
> We are looking for a software firewall product that we can install on
> our Windows NT primary and backup domain controllers. The "personal"
> products almost work, but the few we have tried all seem to have some
> flaw. We are looking for a product with roughly the same functionality
> as Linux's IPTABLES (so, for example, we don't need e-mail or virus
> scanning, or "application tampering" features, just an IP-based
> firewall).
>
> Is anyone using one they would recommend? Price is a factor, but we
> are certainly willing to pay a reasonable amount.
>
> Thanks in advance.

Personally, I would use a hardware firewall appliance. That, or you could
upgrade your NT servers to Windows 2000 or 2003 Server and make use of the
built-in IPSec filtering functionality. It's kind of buried in the
documentation, but every WinNT-based OS since 2000 has had fairly robust
IPSec functionality. It just isn't particularly easy to find and/or
configure. But, unfortunately, no... I don't know of any host-based firewall
products that I would recommend for a server deployment... at least not any
that I would considere to be low-cost. Let me know if you find one.

Alec

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Alec" <alec@nospam.com> wrote in message news:<chaAc.1267$yt1.477@newssvr23.news.prodigy.com>...
> "Rich Evans" <google@macrotex.net> wrote in message
> news:422494b1.0406152124.10a26d29@posting.google.com...
> > We are looking for a software firewall product that we can install on
> > our Windows NT primary and backup domain controllers. The "personal"
> > products almost work, but the few we have tried all seem to have some
> > flaw. We are looking for a product with roughly the same functionality
> > as Linux's IPTABLES (so, for example, we don't need e-mail or virus
> > scanning, or "application tampering" features, just an IP-based
> > firewall).
> >
> > Is anyone using one they would recommend? Price is a factor, but we
> > are certainly willing to pay a reasonable amount.
> >
> > Thanks in advance.
>
> Personally, I would use a hardware firewall appliance. That, or you could
> upgrade your NT servers to Windows 2000 or 2003 Server and make use of the
> built-in IPSec filtering functionality. It's kind of buried in the
> documentation, but every WinNT-based OS since 2000 has had fairly robust
> IPSec functionality. It just isn't particularly easy to find and/or
> configure. But, unfortunately, no... I don't know of any host-based firewall
> products that I would recommend for a server deployment... at least not any
> that I would considere to be low-cost. Let me know if you find one.
>
> Alec


OK. Can anyone suggest a hardware firewall with the following
qualities:

* small and low power (similar to a home router)
* firewall only (no need for routing, just IPTABLE-style INPUT
filtering)
* not more than $200

A pc with linux installed is not an option since this is too big and
draws too much power.

Thanks.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <422494b1.0406170811.38cf2e45@posting.google.com>,
google@macrotex.net says...
[snip]
> OK. Can anyone suggest a hardware firewall with the following
> qualities:
>
> * small and low power (similar to a home router)
> * firewall only (no need for routing, just IPTABLE-style INPUT
> filtering)
> * not more than $200
>
> A pc with linux installed is not an option since this is too big and
> draws too much power

I don't know of ANY firewall appliance on the market that costs under
$200. About the only thing you can do is bid on ebay for one that has
the features you want and hope you can get it cheaper.



--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Bob]

Archived from groups: comp.security.firewalls (More info?)

Leythos <void@nowhere.com> wrote in news:MPG.1b3bbd1fcaec9cc398a654@news-
server.columbus.rr.com:

> In article <422494b1.0406170811.38cf2e45@posting.google.com>,
> google@macrotex.net says...
> [snip]
>> OK. Can anyone suggest a hardware firewall with the following
>> qualities:
>>
>> * small and low power (similar to a home router)
>> * firewall only (no need for routing, just IPTABLE-style INPUT
>> filtering)
>> * not more than $200
>>
>> A pc with linux installed is not an option since this is too big and
>> draws too much power
>
> I don't know of ANY firewall appliance on the market that costs under
> $200. About the only thing you can do is bid on ebay for one that has
> the features you want and hope you can get it cheaper.
>
>
>

What about linux on an old laptop? Sometimes pentium laptops sell on ebay
in the $200 range. Power consumption would be low and they're fairly
small.

Bob

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

bob wrote:

> What about linux on an old laptop? Sometimes pentium laptops sell on ebay
> in the $200 range. Power consumption would be low and they're fairly
> small.

.... and it even comes with a built-in uniterruptable power supply

;-)

Wolfgang
--
A foreign body and a foreign mind
never welcome in the land of the blind.
from 'Not one of us', (c) 1980 Peter Gabriel

 

[Mike]

Archived from groups: comp.security.firewalls (More info?)

"Rich Evans" <google@macrotex.net> wrote in message
news:422494b1.0406170811.38cf2e45@posting.google.com...
> "Alec" <alec@nospam.com> wrote in message
news:<chaAc.1267$yt1.477@newssvr23.news.prodigy.com>...
> > "Rich Evans" <google@macrotex.net> wrote in message
> > news:422494b1.0406152124.10a26d29@posting.google.com...
> > > We are looking for a software firewall product that we can install on
> > > our Windows NT primary and backup domain controllers. The "personal"
> > > products almost work, but the few we have tried all seem to have some
> > > flaw. We are looking for a product with roughly the same functionality
> > > as Linux's IPTABLES (so, for example, we don't need e-mail or virus
> > > scanning, or "application tampering" features, just an IP-based
> > > firewall).
> > >
> > > Is anyone using one they would recommend? Price is a factor, but we
> > > are certainly willing to pay a reasonable amount.
> > >
> > > Thanks in advance.
> >
> > Personally, I would use a hardware firewall appliance. That, or you
could
> > upgrade your NT servers to Windows 2000 or 2003 Server and make use of
the
> > built-in IPSec filtering functionality. It's kind of buried in the
> > documentation, but every WinNT-based OS since 2000 has had fairly robust
> > IPSec functionality. It just isn't particularly easy to find and/or
> > configure. But, unfortunately, no... I don't know of any host-based
firewall
> > products that I would recommend for a server deployment... at least not
any
> > that I would considere to be low-cost. Let me know if you find one.
> >
> > Alec
>
>
> OK. Can anyone suggest a hardware firewall with the following
> qualities:
>
> * small and low power (similar to a home router)
> * firewall only (no need for routing, just IPTABLE-style INPUT
> filtering)
> * not more than $200

Wow! You can put that low a price on your network security?

Dig deeper and buy a Watchguard Firebox. Try a SOHO 6. You will not regret
it.

Do not use a software firewall on a server.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Thu, 17 Jun 2004 19:37:26, bob <Jwx1.nothing@bellsouth.net> wrote:

> >> A pc with linux installed is not an option since this is too big and
> >> draws too much power
>
> What about linux on an old laptop? Sometimes pentium laptops sell on ebay
> in the $200 range. Power consumption would be low and they're fairly small.

A PC will have room for two network cards (one for LAN, one for WAN).
A laptop may have room for two "thin" PCMCIA network-cards,
or one "built-in" NIC and one PCMCIA NIC, if you can get Linux drivers
for the NICs.