Setup of Firewall checkpoint / Firewall servers 3

[libroos]

Dear all,

Sorry, I am quite new in Firewall.

What are the differences between employing Firewall checkpoints and a Firewall server? What are the important aspect that I have to look into when installing a Firewall?

I have a range of 255 IP addresses. The rates based on firewall checkpoints would be quite costly. But it is not cheap either for using Firewall server.

Any suggestions? I am looking at 3COM Superstack Firewall, which offers easy configuration.

Any feedbacks?

Thank you.

Regards,
libroos

 

[kpt112]

In answer to several of your questions, here you go.

What are the differences between employing Firewall checkpoints and a Firewall server?

A firewall can be setup on different types of platforms (i.e. Hardware, software, Unix, NT, Linux SunSParc, PIX Firewall, Raptor. It protects your network.

As far as a Checkpoint Firewalls, Checkpoint is a company that builds and sells their own firewall product. It is software based and can be installed on a varity of platforms such as NT and Unix. The great part about checkpoint is as follows:

1. It is very popular.
2. It is not hardware specific like the Cisco PIX firewall.
3. It works very well on small and large networks.
4. I also does address translation which can be great if you wnat to hide your network and buy on one IP address from your ISP.
5. The bad part is Checkpoint licenses their product by the number of IP addresses behind you firewall. So even if you have a switch with an IP address behind your firewall you still have to pay for a license even though that IP address will never go out on the Internet.
6. You can get around this. If you have 100 IP addresses behind your firewall and you only buy 50 licenses you will simply get a annoying message but it will not prevent checkpoint from working.



What are the important aspect that I have to look into when installing a Firewall?

1. Get a good traning class, deny everthing (all traffic)and work backwards. Find about all the little crap like the how to add items to the ARP table and know all the critical files if you ever need to rebuild your server. I would highly suggest using Norton Ghost once you get your server configured.


Any suggestions? I am looking at 3COM Superstack Firewall, which offers easy configuration.

1. If you can afford it buy Checkpoint and throw it on a NT 4.0 Machine. Much better technology. read up on Checkpoints stateful inspection at

http://www.checkpoint.com

or look directly at Checkpoint's Firewall 1 firewall at

http://www.checkpoint.com/products/firewall-1/index.html

Good Luck!

 

[Guest_imported]

A little reccomendation if you go with Checkpoint. Spend a few extra dollars and get a UNIX platform. You don't have to buy a sparc workstation, just some PC that will run UNIX. It's much more secure and chances are it will never freeze or breakdown. I think the two things you want for an internet connection are superb protection and an always up connection. At our company if the connection goes down the fur flies.