Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Has anyone installed Symantec Enterprise Firewall?

Status
Not open for further replies.
ljCharlie

ljCharlie

IS-IT--Management
Apr 21, 2003
397
US
I'm looking into purchasing Symantec Enterprise Firewall for our organization. However, I'm not sure if it's going to work in our topology. I read a few documents and it said Symantec Enterprise Firewall requires to be installed on its own machine and nothing else should be installed in it. Symantec Enterprise Firewall also requires that this machine should have at least two NICs. This is how far I got with Symantec Enterprise Firewall. My question is, if the machine that Symantec Enterprise Firewall is installed is the gateway to the Internet then that means every client computers must be behind this machine, correct? So if I have more than one client computer than that means I need a switch behind the machine that Symantec Enterprise Firewall is installed to, right?

ljCharlie
 
Sort by date Sort by votes
I haven't read up on this app, but it sounds like it's attempting to compete with Cisco Pix, Netscreen, Check point etc. If so, you would have one NIC leading out of your network(ie. internet) and 1 NIC leading into your LAN. The default gateway for your network would be the LAN interface. So all traffic would need to pass through this interface to get out to the internet. Therefore, the server that this is installed on would need to be very secure.
 
Upvote 0 Downvote
I've actually been using SEF 7.0 and just upgraded to 8.0. It has been doing a very good job and i am pleased with it. It is an application/proxy based firewall. A connection made to a port on a proxy type firewall is 1st established and then the firewall makes a determination, based on filters, tunnels, rules and other criteria, whether to allow the traffic to pass the firewall or not. Connections are not passed as such, instead connections are proxied. The primary distinction between these two methods is that the proxy type firewall creates a new connection from the other interface rather than allowing a connection to pass. While this method is a little higher in overhead, it is infinitely more secure.
 
Upvote 0 Downvote
Many thanks for the help. Will using the SEF 8.0 make workstation that are outside the firewall slower when accessing resources behind the SEF server?

ljCharlie
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

EdwardMcClelland
  • Locked
  • Question
Google DNS works with Sonic-wall installed. Cox doesn't.
Replies
1
Views
269
ChrisHirst
ChrisHirst
TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
311
hairlessupportmonkey
hairlessupportmonkey
hall5942
  • Locked
  • Question
open firewall port on 881
Replies
0
Views
210
hall5942
hall5942
hall5942
  • Locked
  • Question
open firewall port on 881
Replies
0
Views
197
hall5942
hall5942
RodneyMcSnow
  • Locked
  • Question
Windows 8.1 PRO has to open connections when NETSTAT is used.
Replies
0
Views
180
RodneyMcSnow
RodneyMcSnow

Part and Inventory Search

Sponsor

Back
Top