Firewall Appliance Suggestions?

Discussion in 'Computer Support' started by WhzzKdd, Aug 21, 2007.

  1. WhzzKdd

    WhzzKdd Guest

    Okay, we're changing from Novell Netware to Windows Server 2003. Our current
    Netware config has a software firewall (BorderManager), but that will be
    going "bye-bye". So we're looking into firewall appliances - something I've
    never dealt with. I've had three units suggested to me:

    Zywall 70
    Watchguard Firebox X550E
    Sonicwall 2040

    Does anyone have any experience or comments that would be helpful in
    determining which would be most practical - ease of use, reliability, etc.?
    Or perhaps alternative units?

    Thanks!
    WhzzKdd, Aug 21, 2007
    #1
    1. Advertising

  2. WhzzKdd

    Leythos Guest

    In article <46cb1f0d$2lemon.net>,
    frack_this@email_is.invalid says...
    > Okay, we're changing from Novell Netware to Windows Server 2003. Our current
    > Netware config has a software firewall (BorderManager), but that will be
    > going "bye-bye". So we're looking into firewall appliances - something I've
    > never dealt with. I've had three units suggested to me:
    >
    > Zywall 70
    > Watchguard Firebox X550E
    > Sonicwall 2040
    >
    > Does anyone have any experience or comments that would be helpful in
    > determining which would be most practical - ease of use, reliability, etc.?
    > Or perhaps alternative units?


    Wiz, I'm very partial to WatchGuard units and I can either help you with
    config via email or in Usenet, best to post to the Firewall Usenet
    groups if you want quality opinions about all options.

    The X550e is simple, easy, and it will also provide attachment filtering
    for your email server, block files from being downloaded in HTTP
    sessions, has web blocking services (optional) that allow simple
    selection of many categories. I can send you a IP block list that will
    block many of the spammer/scanner networks outside the USA if you want.

    --
    Leythos - (remove 999 to email me)

    Fight exposing kids to porn, complain about sites like PCBUTTS1.COM that
    create filth and put it on the web for any kid to see: Just take a look
    at some of the FILTH he's created and put on his website:
    http://forums.speedguide.net/archive/index.php/t-223485.html all exposed
    to children (the link I've include does not directly display his filth).
    You can find the same information by googling for 'PCBUTTS1' and
    'exposed to kids'.
    Leythos, Aug 21, 2007
    #2
    1. Advertising

  3. WhzzKdd

    WhzzKdd Guest

    "Leythos" <> wrote in message
    news:...
    > In article <46cb1f0d$2lemon.net>,
    > frack_this@email_is.invalid says...
    >> Okay, we're changing from Novell Netware to Windows Server 2003. Our
    >> current
    >> Netware config has a software firewall (BorderManager), but that will be
    >> going "bye-bye". So we're looking into firewall appliances - something
    >> I've
    >> never dealt with. I've had three units suggested to me:
    >>
    >> Zywall 70
    >> Watchguard Firebox X550E
    >> Sonicwall 2040
    >>
    >> Does anyone have any experience or comments that would be helpful in
    >> determining which would be most practical - ease of use, reliability,
    >> etc.?
    >> Or perhaps alternative units?

    >
    > Wiz, I'm very partial to WatchGuard units and I can either help you with
    > config via email or in Usenet, best to post to the Firewall Usenet
    > groups if you want quality opinions about all options.
    >
    > The X550e is simple, easy, and it will also provide attachment filtering
    > for your email server, block files from being downloaded in HTTP
    > sessions, has web blocking services (optional) that allow simple
    > selection of many categories. I can send you a IP block list that will
    > block many of the spammer/scanner networks outside the USA if you want.
    >


    I liked what I saw on their website. I like the idea of the spam blocking
    options. We do use a couple of VPN connections - remote access for myself
    and one salesperson who works out of his home. Are there any additional
    hardware/software requirements for the client side to accomplish VPN
    connections?

    The consultants we are probably going to use to set up the SQL server are
    pushing the Sonicwall - probably because they are familiar with it already.
    Their company also provides spam filtering and they want to sell us that
    service as a monthly subscription. I hate monthly fees <g>
    WhzzKdd, Aug 21, 2007
    #3
  4. WhzzKdd

    Leythos Guest

    In article <46cb2e07$2lemon.net>,
    frack_this@email_is.invalid says...
    > "Leythos" <> wrote in message
    > news:...
    > > In article <46cb1f0d$2lemon.net>,
    > > frack_this@email_is.invalid says...
    > >> Okay, we're changing from Novell Netware to Windows Server 2003. Our
    > >> current
    > >> Netware config has a software firewall (BorderManager), but that will be
    > >> going "bye-bye". So we're looking into firewall appliances - something
    > >> I've
    > >> never dealt with. I've had three units suggested to me:
    > >>
    > >> Zywall 70
    > >> Watchguard Firebox X550E
    > >> Sonicwall 2040
    > >>
    > >> Does anyone have any experience or comments that would be helpful in
    > >> determining which would be most practical - ease of use, reliability,
    > >> etc.?
    > >> Or perhaps alternative units?

    > >
    > > Wiz, I'm very partial to WatchGuard units and I can either help you with
    > > config via email or in Usenet, best to post to the Firewall Usenet
    > > groups if you want quality opinions about all options.
    > >
    > > The X550e is simple, easy, and it will also provide attachment filtering
    > > for your email server, block files from being downloaded in HTTP
    > > sessions, has web blocking services (optional) that allow simple
    > > selection of many categories. I can send you a IP block list that will
    > > block many of the spammer/scanner networks outside the USA if you want.
    > >

    >
    > I liked what I saw on their website. I like the idea of the spam blocking
    > options. We do use a couple of VPN connections - remote access for myself
    > and one salesperson who works out of his home. Are there any additional
    > hardware/software requirements for the client side to accomplish VPN
    > connections?


    You have several methods - you can use the WG Firewall Client software
    or Windows VPN services, or you can authenticate with the Firewall via
    HTTP or other and then use that AUTH user to allow rules to work without
    a VPN.

    > The consultants we are probably going to use to set up the SQL server are
    > pushing the Sonicwall - probably because they are familiar with it already.
    > Their company also provides spam filtering and they want to sell us that
    > service as a monthly subscription. I hate monthly fees <g>


    Many people that push a product make money of selling it to you too :)
    The WG units we've installed, purchased by the customers directly, have
    passed SOX and Homeland Defense audits at every location.

    Most Firewall appliances come with spam filtering services, but I've
    only found two that I actually like - for hands off, completely, I like
    the barracuda spam firewall, for one that allows the admin and users to
    train it without little effort, for great control of attachments and
    malware and reporting, I like GFI Mail Security and GFI Mail Essentials.

    The WG web blocker and Spam services are yearly subscription services.


    --
    Leythos - (remove 999 to email me)

    Fight exposing kids to porn, complain about sites like PCBUTTS1.COM that
    create filth and put it on the web for any kid to see: Just take a look
    at some of the FILTH he's created and put on his website:
    http://forums.speedguide.net/archive/index.php/t-223485.html all exposed
    to children (the link I've include does not directly display his filth).
    You can find the same information by googling for 'PCBUTTS1' and
    'exposed to kids'.
    Leythos, Aug 21, 2007
    #4
  5. WhzzKdd

    WhzzKdd Guest

    "Leythos" <> wrote in message
    news:...
    > In article <46cb2e07$2lemon.net>,
    > frack_this@email_is.invalid says...
    >> "Leythos" <> wrote in message
    >> news:...
    >> > In article <46cb1f0d$2lemon.net>,
    >> > frack_this@email_is.invalid says...
    >> >> Okay, we're changing from Novell Netware to Windows Server 2003. Our
    >> >> current
    >> >> Netware config has a software firewall (BorderManager), but that will
    >> >> be
    >> >> going "bye-bye". So we're looking into firewall appliances - something
    >> >> I've
    >> >> never dealt with. I've had three units suggested to me:
    >> >>
    >> >> Zywall 70
    >> >> Watchguard Firebox X550E
    >> >> Sonicwall 2040
    >> >>
    >> >> Does anyone have any experience or comments that would be helpful in
    >> >> determining which would be most practical - ease of use, reliability,
    >> >> etc.?
    >> >> Or perhaps alternative units?
    >> >
    >> > Wiz, I'm very partial to WatchGuard units and I can either help you
    >> > with
    >> > config via email or in Usenet, best to post to the Firewall Usenet
    >> > groups if you want quality opinions about all options.
    >> >
    >> > The X550e is simple, easy, and it will also provide attachment
    >> > filtering
    >> > for your email server, block files from being downloaded in HTTP
    >> > sessions, has web blocking services (optional) that allow simple
    >> > selection of many categories. I can send you a IP block list that will
    >> > block many of the spammer/scanner networks outside the USA if you want.
    >> >

    >>
    >> I liked what I saw on their website. I like the idea of the spam blocking
    >> options. We do use a couple of VPN connections - remote access for myself
    >> and one salesperson who works out of his home. Are there any additional
    >> hardware/software requirements for the client side to accomplish VPN
    >> connections?

    >
    > You have several methods - you can use the WG Firewall Client software
    > or Windows VPN services, or you can authenticate with the Firewall via
    > HTTP or other and then use that AUTH user to allow rules to work without
    > a VPN.
    >
    >> The consultants we are probably going to use to set up the SQL server are
    >> pushing the Sonicwall - probably because they are familiar with it
    >> already.
    >> Their company also provides spam filtering and they want to sell us that
    >> service as a monthly subscription. I hate monthly fees <g>

    >
    > Many people that push a product make money of selling it to you too :)


    We strongly prefer to get our hardware ourselves, for that very reason <g>

    >
    > Most Firewall appliances come with spam filtering services, but I've
    > only found two that I actually like - for hands off, completely, I like
    > the barracuda spam firewall,


    That IS nice - I could even get that installed into my Novell system before
    we actually get to start the changeover! I imagine there is a subscription
    fee on this unit for the updates.
    WhzzKdd, Aug 21, 2007
    #5
  6. WhzzKdd

    Mr. Arnold Guest

    >
    > I liked what I saw on their website. I like the idea of the spam blocking
    > options. We do use a couple of VPN connections - remote access for myself
    > and one salesperson who works out of his home. Are there any additional
    > hardware/software requirements for the client side to accomplish VPN
    > connections?
    >
    > The consultants we are probably going to use to set up the SQL server are
    > pushing the Sonicwall - probably because they are familiar with it
    > already. Their company also provides spam filtering and they want to sell
    > us that service as a monthly subscription. I hate monthly fees <g>


    I use a Watch guard myself, when I have my home network set-up at home. At
    the moment, it's all in storage while I am on the road contracting. The WG,
    my first FW appliance, is very easy to use.
    Mr. Arnold, Aug 21, 2007
    #6
  7. WhzzKdd

    Desk Rabbit Guest

    WhzzKdd wrote:

    > The consultants we are probably going to use to set up the SQL server are
    > pushing the Sonicwall - probably because they are familiar with it already.
    > Their company also provides spam filtering and they want to sell us that
    > service as a monthly subscription. I hate monthly fees <g>


    If you don't like fees, go with the Zywall. No fees for updates or
    licences for users. Use a seperate box for spam filtering.
    Desk Rabbit, Aug 21, 2007
    #7
  8. WhzzKdd

    Leythos Guest

    In article <2lemon.net>, frack_this@email_is.invalid
    says...
    > "Leythos" <> wrote in message
    > news:...
    > > In article <46cb2e07$2lemon.net>,
    > > frack_this@email_is.invalid says...
    > >> "Leythos" <> wrote in message
    > >> news:...
    > >> > In article <46cb1f0d$2lemon.net>,
    > >> > frack_this@email_is.invalid says...
    > >> >> Okay, we're changing from Novell Netware to Windows Server 2003. Our
    > >> >> current
    > >> >> Netware config has a software firewall (BorderManager), but that will
    > >> >> be
    > >> >> going "bye-bye". So we're looking into firewall appliances - something
    > >> >> I've
    > >> >> never dealt with. I've had three units suggested to me:
    > >> >>
    > >> >> Zywall 70
    > >> >> Watchguard Firebox X550E
    > >> >> Sonicwall 2040
    > >> >>
    > >> >> Does anyone have any experience or comments that would be helpful in
    > >> >> determining which would be most practical - ease of use, reliability,
    > >> >> etc.?
    > >> >> Or perhaps alternative units?
    > >> >
    > >> > Wiz, I'm very partial to WatchGuard units and I can either help you
    > >> > with
    > >> > config via email or in Usenet, best to post to the Firewall Usenet
    > >> > groups if you want quality opinions about all options.
    > >> >
    > >> > The X550e is simple, easy, and it will also provide attachment
    > >> > filtering
    > >> > for your email server, block files from being downloaded in HTTP
    > >> > sessions, has web blocking services (optional) that allow simple
    > >> > selection of many categories. I can send you a IP block list that will
    > >> > block many of the spammer/scanner networks outside the USA if you want.
    > >> >
    > >>
    > >> I liked what I saw on their website. I like the idea of the spam blocking
    > >> options. We do use a couple of VPN connections - remote access for myself
    > >> and one salesperson who works out of his home. Are there any additional
    > >> hardware/software requirements for the client side to accomplish VPN
    > >> connections?

    > >
    > > You have several methods - you can use the WG Firewall Client software
    > > or Windows VPN services, or you can authenticate with the Firewall via
    > > HTTP or other and then use that AUTH user to allow rules to work without
    > > a VPN.
    > >
    > >> The consultants we are probably going to use to set up the SQL server are
    > >> pushing the Sonicwall - probably because they are familiar with it
    > >> already.
    > >> Their company also provides spam filtering and they want to sell us that
    > >> service as a monthly subscription. I hate monthly fees <g>

    > >
    > > Many people that push a product make money of selling it to you too :)

    >
    > We strongly prefer to get our hardware ourselves, for that very reason <g>
    >
    > >
    > > Most Firewall appliances come with spam filtering services, but I've
    > > only found two that I actually like - for hands off, completely, I like
    > > the barracuda spam firewall,

    >
    > That IS nice - I could even get that installed into my Novell system before
    > we actually get to start the changeover! I imagine there is a subscription
    > fee on this unit for the updates.


    Actually, the web blocking database resides on a server in your LAN and
    the firewall queries it. Yearly subscriptions are the norm.

    --
    Leythos - (remove 999 to email me)

    Fight exposing kids to porn, complain about sites like PCBUTTS1.COM that
    create filth and put it on the web for any kid to see: Just take a look
    at some of the FILTH he's created and put on his website:
    http://forums.speedguide.net/archive/index.php/t-223485.html all exposed
    to children (the link I've include does not directly display his filth).
    You can find the same information by googling for 'PCBUTTS1' and
    'exposed to kids'.
    Leythos, Aug 21, 2007
    #8
  9. WhzzKdd

    Leythos Guest

    In article <>,
    says...
    > WhzzKdd wrote:
    >
    > > The consultants we are probably going to use to set up the SQL server are
    > > pushing the Sonicwall - probably because they are familiar with it already.
    > > Their company also provides spam filtering and they want to sell us that
    > > service as a monthly subscription. I hate monthly fees <g>

    >
    > If you don't like fees, go with the Zywall. No fees for updates or
    > licences for users. Use a seperate box for spam filtering.


    Zywall support sucks, more than any other vendor I've worked with.

    --
    Leythos - (remove 999 to email me)

    Fight exposing kids to porn, complain about sites like PCBUTTS1.COM that
    create filth and put it on the web for any kid to see: Just take a look
    at some of the FILTH he's created and put on his website:
    http://forums.speedguide.net/archive/index.php/t-223485.html all exposed
    to children (the link I've include does not directly display his filth).
    You can find the same information by googling for 'PCBUTTS1' and
    'exposed to kids'.
    Leythos, Aug 21, 2007
    #9
  10. It was on, or about, Mon, 20 Aug 2007 19:12:39 -0700, that as I was
    halfway through a large jam doughnut, WhzzKdd wrote:

    > Okay, we're changing from Novell Netware to Windows Server 2003. Our
    > current Netware config has a software firewall (BorderManager), but that
    > will be going "bye-bye". So we're looking into firewall appliances -
    > something I've never dealt with. I've had three units suggested to me:
    >
    > Zywall 70
    > Watchguard Firebox X550E
    > Sonicwall 2040
    >
    > Does anyone have any experience or comments that would be helpful in
    > determining which would be most practical - ease of use, reliability,
    > etc.? Or perhaps alternative units?
    >
    > Thanks!


    If you have a redundant PC, try Smoothwall.
    http://www.smoothwall.org/about/

    --
    In response to a jerk killing FireFox
    on his website. ;-)
    http://slated.org/killbillsbrowser.html
    William Poaster, Aug 21, 2007
    #10
  11. WhzzKdd

    Desk Rabbit Guest

    Leythos wrote:
    > In article <>,
    > says...
    >> WhzzKdd wrote:
    >>
    >>> The consultants we are probably going to use to set up the SQL server are
    >>> pushing the Sonicwall - probably because they are familiar with it already.
    >>> Their company also provides spam filtering and they want to sell us that
    >>> service as a monthly subscription. I hate monthly fees <g>

    >> If you don't like fees, go with the Zywall. No fees for updates or
    >> licences for users. Use a seperate box for spam filtering.

    >
    > Zywall support sucks, more than any other vendor I've worked with.
    >

    Here in the UK, support is excellent both from the distributors and
    Zyxel themselves.
    Desk Rabbit, Aug 21, 2007
    #11
  12. WhzzKdd

    Leythos Guest

    In article <>,
    says...
    > Leythos wrote:
    > > In article <>,
    > > says...
    > >> WhzzKdd wrote:
    > >>
    > >>> The consultants we are probably going to use to set up the SQL server are
    > >>> pushing the Sonicwall - probably because they are familiar with it already.
    > >>> Their company also provides spam filtering and they want to sell us that
    > >>> service as a monthly subscription. I hate monthly fees <g>
    > >> If you don't like fees, go with the Zywall. No fees for updates or
    > >> licences for users. Use a seperate box for spam filtering.

    > >
    > > Zywall support sucks, more than any other vendor I've worked with.
    > >

    > Here in the UK, support is excellent both from the distributors and
    > Zyxel themselves.


    Last year I called with pre-sales technical questions and they spent 7
    days trying to get an answer and then they were unsure. I've got reports
    that match my current view of them from several friends that no longer
    use their devices.

    --
    Leythos - (remove 999 to email me)

    Fight exposing kids to porn, complain about sites like PCBUTTS1.COM that
    create filth and put it on the web for any kid to see: Just take a look
    at some of the FILTH he's created and put on his website:
    http://forums.speedguide.net/archive/index.php/t-223485.html all exposed
    to children (the link I've include does not directly display his filth).
    You can find the same information by googling for 'PCBUTTS1' and
    'exposed to kids'.
    Leythos, Aug 21, 2007
    #12
  13. WhzzKdd

    WhzzKdd Guest

    "Leythos" <> wrote in message
    news:...
    > In article <>,
    > says...
    >> Leythos wrote:
    >> > In article <>,
    >> > says...
    >> >> WhzzKdd wrote:
    >> >>
    >> >>> The consultants we are probably going to use to set up the SQL server
    >> >>> are
    >> >>> pushing the Sonicwall - probably because they are familiar with it
    >> >>> already.
    >> >>> Their company also provides spam filtering and they want to sell us
    >> >>> that
    >> >>> service as a monthly subscription. I hate monthly fees <g>
    >> >> If you don't like fees, go with the Zywall. No fees for updates or
    >> >> licences for users. Use a seperate box for spam filtering.
    >> >
    >> > Zywall support sucks, more than any other vendor I've worked with.
    >> >

    >> Here in the UK, support is excellent both from the distributors and
    >> Zyxel themselves.

    >
    > Last year I called with pre-sales technical questions and they spent 7
    > days trying to get an answer and then they were unsure. I've got reports
    > that match my current view of them from several friends that no longer
    > use their devices.
    >


    Also very good to know - thanks!
    WhzzKdd, Aug 21, 2007
    #13
  14. WhzzKdd

    nobody > Guest

    Leythos wrote:

    > Most Firewall appliances come with spam filtering services, but I've
    > only found two that I actually like - for hands off, completely, I like
    > the barracuda spam firewall, for one that allows the admin and users to
    > train it without little effort, for great control of attachments and
    > malware and reporting, I like GFI Mail Security and GFI Mail Essentials.



    The Cuda needs to be set for "no bounce" on NDRs. Google on
    barracuda+backscatter

    One spam run with your email address forged as "From" or "Return path"
    will get you 500+ backscatter bounces off Barracudas. Call it a DDoS or
    a mailbombing, effect is the same.
    nobody >, Aug 22, 2007
    #14
  15. WhzzKdd

    Leythos Guest

    In article <>,
    says...
    > Leythos wrote:
    >
    > > Most Firewall appliances come with spam filtering services, but I've
    > > only found two that I actually like - for hands off, completely, I like
    > > the barracuda spam firewall, for one that allows the admin and users to
    > > train it without little effort, for great control of attachments and
    > > malware and reporting, I like GFI Mail Security and GFI Mail Essentials.

    >
    >
    > The Cuda needs to be set for "no bounce" on NDRs. Google on
    > barracuda+backscatter
    >
    > One spam run with your email address forged as "From" or "Return path"
    > will get you 500+ backscatter bounces off Barracudas. Call it a DDoS or
    > a mailbombing, effect is the same.


    I never send NDR or other reject messages. It's been a bad idea since
    spam started.

    --
    Leythos - (remove 999 to email me)

    Fight exposing kids to porn, complain about sites like PCBUTTS1.COM that
    create filth and put it on the web for any kid to see: Just take a look
    at some of the FILTH he's created and put on his website:
    http://forums.speedguide.net/archive/index.php/t-223485.html all exposed
    to children (the link I've include does not directly display his filth).
    You can find the same information by googling for 'PCBUTTS1' and
    'exposed to kids'.
    Leythos, Aug 22, 2007
    #15
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Turrekens Jurgen
    Replies:
    3
    Views:
    3,209
    Michael Janke
    Jul 8, 2004
  2. dotrecruiters
    Replies:
    0
    Views:
    448
    dotrecruiters
    Aug 26, 2005
  3. Doug Fox

    Ports for Cisco VPN 3000 appliance

    Doug Fox, Sep 9, 2005, in forum: Cisco
    Replies:
    1
    Views:
    824
    Walter Roberson
    Sep 9, 2005
  4. dwacon

    Anti-Spyware Appliance?

    dwacon, Mar 26, 2005, in forum: Computer Support
    Replies:
    2
    Views:
    662
  5. Ipeefreely
    Replies:
    5
    Views:
    1,030
Loading...

Share This Page