[Dshield] Preferred firewall

Robert Voje robert at voje.net
Mon Aug 18 18:01:45 GMT 2003


As a result of the current threats on the internet, I have aquired an extra
budget for buying a decent firewall for our company.
Which model do I choose?

The following features should be there:

  Remote administration (web/telnet)
  Mac address checking on all rules and on remote admin access.
  Redirection of incoming/outgoing port numbers
  VPN (at least 4-5 channels)
  DMZ zone
  Free access to configuration (I do not want to pay $$ for every change I
want to make...)
  Well known brand/model

I would also like to have these features:

  No restart of firewall upon changes (that sucks when making changes during
working hours...)
  Nice (and fast) administration GUI.

To add some facts of our line of work - we are software developmers, and
sometimes we have a need to temporary opening and closing ports due to
software testing.
I know, that's a big hole in security, but it's the way we want to do it.

A really nice thing would be if we were able to run a selected number of
developer PS's on a shielded subnet, like a second DMZ controlled and routed
by the firewall.

My budget is limited to about $3000.

Feel free to respond if you have any good recommendation.
Btw. our nearest neighbour is a Cisco dealer... ;-)
--
Robert





More information about the list mailing list