[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OT: Firewall/VPN Appliances



PureBytes Links

Trading Reference Links

Hello:

Been doing some research on firewall appliances.  Couldn't find
review/comparison/rating articles to my satisfaction so I decided to
try them myself.  The three I'm familiar with are web-configurable,
which is a big plus.  They are:

Symantec model 100 Firewall/VPN appliance:
http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=63

Expensive. Doesn't have stateful packet inspection, but will not cause
you trouble when you run internet datafeed trading platforms behind
it.

Netgear FVS318 Prosafe VPN Firewall appliance:
http://www.netgear.com/products/prod_details.asp?prodID=129&view=sb

Much better web interface with a more descriptive incident log.  Has
stateful packet inspection.  But you will have to open ports in order
to run internet trading software.  It's price is reasonable.  However,
from my experience with higher-end solid state equipment made in
China, inventories tend to be loaded with lemons.  So I went ahead and
got another one and sure enough it behaved differently.  Same model,
firmware, etc. When I opened the proper ports for the trading
software, one worked and the other didn't.

Linksys BEFSX41 Firewall/VPN appliance:
http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=433

Best web interface, imo, and a descriptive incident log.  Like the
Netgear router, you will have to open ports.  When I tried the
software, the firewall dropped the connection and had to reboot the
firewall appliance.  Still working on this.


I think the latter two appliances are designed for someone who checks
email, surfs the web, and perhaps play a few network games --but not
for the trading software user.  Works well with Symantec, but not sure
if Symantec's model is as secure as the newer firewalls from Linksys
and Netgear.

Still researching to see if these firewalls are satisfactory before
moving onto something more hard core, like:
http://www.securecomputing.com/index.cfm?skey=232


What I have noticed is that the firewall logs are getting better and
more descriptive.  After a few days of testing, the
log showed an unsuccessful firewall login attempt (I had remote login
enabled).  I traced the ip and to my horror, it came from an ip block
reserved for my isp's broadband research and development team. I sent
an abuse complaint, for what it's worth.  Amazing.  Sometimes I wonder
which side these IP professionals are on and
whether they have enough work to do, so that they don't spend their
work hours hacking.