I may be wrong though - has anyone had any success/failure with a simple box in this scenario, or any recommendations?
Thanks very much, AJP
Welcome to WebmasterWorld!
I like to keep the firewall/router function separate from any wireless functions, simply because wireless technology is improving so fast. The same applies to other combination-type units -- I like to keep the functions separate so I can upgrade parts independently as technology improves. I looked at Cisco and Sonicwall firewalls, but they are in a higher price class than what my budget allows for a small office set-up. With their e-mail and web-content filtering subscription costs, they are really set up for bigger operations.
So, after reading lots of reviews, posts on various forums, and user manuals, I finally settled on the NetGear FVS318, which combines a router with a stateful packet inspection firewall function. It's intended for use with ADSL or cable broadband modems, in that it uses ethernet-only interfaces. It supports eight VPN tunnels, in case I need VPN for a future project, but the price is much lower than the models that support hundreds of VPN connections. A newer model is coming out soon, so I got one for $93, plus a $10 rebate and free shipping.
I've only had it running for a few days and haven't seen any intrusion attempts, so I'll have to let you know later how well it works from a practical standpoint after I see a little abuse and see how well the unit handles it. In conjunction with Norton Anti-Virus on the client machines, I believe it will be sufficient for my needs. If not, I can always use Zone Alarm, Norton firewall, or Win XP firewall as a second layer of firewall protection while I save up for an "enterprise-class" unit.
Jim
I should clarify: this firewall is to sit in front of a Windows box that will be located remotely in a server house.
My current favourite is the D-Link DFL-200 (approx 150 GBP) because it offers a dedicated DMZ port. That's what won it over the Netgear. My main concern is how much throughput matters. For instance, on the comparable Watchguard products, the Firebox V10, the firewall is 75Mbps. I've previously used a Sonicwall quoted at 200 with no problems. There's no figure quoted for the D-Link, nor Netgear.
So - is there any way of gauging / guessing how much you may need? Obviously no individual is going to connect at that speed.
[My normal configuration is to have two network connections on the server, one with a public address, and one with a private address; the public is routed through the DMZ and appropriately locked down, and the private is accessible through the VPN.]
Thanks everyone again.
Thanks, A