Re: [cobalt-users] Co-Lo Hardware Firewall

["Chris" <clathem@xxxxxxxxxxxxx>]

----- Original Message -----
From: "Paul Shuttleworth" <>
To: "Cobalt Users Listserver" <>
Sent: Tuesday, March 18, 2003 7:06 AM
Subject: [cobalt-users] Co-Lo Hardware Firewall


> We are looking at putting one or two servers in at a new co-lo and are
> looking to put in some hardware firewall protection.
> They have said if we put in a small unit they will stick it behind the
RAQ4
> and not charge any extra for the space.
> Has any one got any suggestions for this, we need standard services
> dns,ntp,http,ssl,ssh,ftp,smtp,pop3 .. etc but want to close all other
ports
> which are not needed.
> Obviously it needs to have a web based administration although I don't see
> any need for VPN support at the moment.
> I have been looking at the Sonicwall soho3 which seems to fit the bill, at
> present 10 IP addresses would be enough and this can be upgraded to 25 or
50
> if needed including VPN support for 25 and above. Although they do charge
an
> annual fee for firmware updates etc.
>
> I know we could do this with ipchains etc but I feel a hardware firewall
> might be a better option and easier for management etc and could also be
> used for more than one server.
>
> Any one any thoughts or recommendations ?.
>
> Paul.
>
> _____________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

I would have to recommend NetScreen. I've used them for a couple of years
now, and I'd have to say they are solid and stable. In event you decide to
use VPN, it is already built into the firewall appliance as well.

They too have maintenance contracts for hardware, support, and software
upgrades, but I think the pricing is reasonable, so it doesn't seem to be a
big problem to me.

Just my .02 worth.

Regards,
Chris