Firewall suggestion for DSL 1

[levee]

In the next few months I'm going to be bringing DSL service into my work place and I need some help on a hardware firewall. I have about 60 users spread out between four locations and will hopefully have them all setup with DSL service by the end of next summer. I want to connect my branch's up to us using a VPN solution. Theirs certain features that I want on this firewall. I would like to be able to shut down all Internet service (incoming/outgoing) after hours and on weekends because that just invites hackers into your system. So I guess the firewall would need an internal clock of some kind. I also want to have my users log in before using the Internet and restrict my users to a certain list of web sites that they will have access to. One more concern I have. We aren't using a formal PC network here (Win2000 or Novell) but we do have our PC's connected into a hub and we have sharing enabled to use printer's on the network and to share some files. Do I need to worry about changing any of this if we have a good firewall system in place?

 

[Cirvam]

I have a simliar (although smaller) setup at my house, I find using a linux based pc that has all services turned off and have it defaulty deny all packets. That works good because then it uses ip masqurading to let 5-10 pcs access the internet though 1 ip and anyone who would try to access any internal pcs is rejected


Erik
cirvam@netzero.net

Looking to learn more about Linux, Apache, PHP and others.

 

[nlm9802]

hmm..

just an idea, but have you thought about an NT server?
throw ms proxy server on it, and blackice defender or a similar software firewall.

This will force users to log on to access network resources, you can also restrict access to pages and ports via proxy server. That alone is sufficient to be labelled a firewall. You can set your entire network up using the 10.1.1.0 network and give the dsl ip to the nt server.

just ensure you put the latest service packs (currently 6a i believe, and sp2 for proxy.)

 

[wybnormal]

I would not recommend NT or any other OS as a firewall. I would suggest a "black box".. ie a router. That way if anything goes wrong.. ie... power, it will come back without any intravention. Servers have moving parts like hard drives and they break. They get corrupted when the system crashes and scrambles things.

Just my 2 cents

Mike S

 

[flipper]

Winproxy has all the features for networking computers over a DSL or Cable connection as well as a firewall that will place all ports into stealth mode. Can set content and the time when other users may access the internet, with password protection for access as well. It also comes with banner blocking and anti virus protection for 6 months and then must be perchased for a small fee if you would like to keep the extra features. Ports can be opened as to access it from outside (Over the net or phone line).

 

[bigdawg]

I agree with "wybnormal" in using a router to protect your lan network.

But if this is not good for your environment, try using Winroute. It protects like a firewall and uses NAT technology for added protection. It is produced by Tiny Software and the address is either "

http://www.winroute.com"

or "

http://www.tinysoftware.com".

Good luck and I hope this helps you in some way.