|
PureBytes Links
Trading Reference Links
|
Craig,
Thanks for the informative post. I don't know very much about firewalls but
I have been thinking about getting one of these:
Webramp 700s from http://www.centrix-intl.com/
It is an older model. However, it does have SPI and it only costs around
$40!
You can get more info from this AnandTech thread:
http://forums.anandtech.com/messageview.cfm?catid=40&threadid=910379
Best Regards,
PhilG
----- Original Message -----
From: _Craig <craigbud@xxxxxxxxxxx>
To: <Omega-list@xxxxxxxxxx>
Sent: Tuesday, December 17, 2002 11:08 AM
Subject: OT: Firewall/VPN Appliances
> Hello:
>
> Been doing some research on firewall appliances. Couldn't find
> review/comparison/rating articles to my satisfaction so I decided to
> try them myself. The three I'm familiar with are web-configurable,
> which is a big plus. They are:
>
> Symantec model 100 Firewall/VPN appliance:
> http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=63
>
> Expensive. Doesn't have stateful packet inspection, but will not cause
> you trouble when you run internet datafeed trading platforms behind
> it.
>
> Netgear FVS318 Prosafe VPN Firewall appliance:
> http://www.netgear.com/products/prod_details.asp?prodID=129&view=sb
>
> Much better web interface with a more descriptive incident log. Has
> stateful packet inspection. But you will have to open ports in order
> to run internet trading software. It's price is reasonable. However,
> from my experience with higher-end solid state equipment made in
> China, inventories tend to be loaded with lemons. So I went ahead and
> got another one and sure enough it behaved differently. Same model,
> firmware, etc. When I opened the proper ports for the trading
> software, one worked and the other didn't.
>
> Linksys BEFSX41 Firewall/VPN appliance:
> http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=433
>
> Best web interface, imo, and a descriptive incident log. Like the
> Netgear router, you will have to open ports. When I tried the
> software, the firewall dropped the connection and had to reboot the
> firewall appliance. Still working on this.
>
>
> I think the latter two appliances are designed for someone who checks
> email, surfs the web, and perhaps play a few network games --but not
> for the trading software user. Works well with Symantec, but not sure
> if Symantec's model is as secure as the newer firewalls from Linksys
> and Netgear.
>
> Still researching to see if these firewalls are satisfactory before
> moving onto something more hard core, like:
> http://www.securecomputing.com/index.cfm?skey=232
>
>
> What I have noticed is that the firewall logs are getting better and
> more descriptive. After a few days of testing, the
> log showed an unsuccessful firewall login attempt (I had remote login
> enabled). I traced the ip and to my horror, it came from an ip block
> reserved for my isp's broadband research and development team. I sent
> an abuse complaint, for what it's worth. Amazing. Sometimes I wonder
> which side these IP professionals are on and
> whether they have enough work to do, so that they don't spend their
> work hours hacking.
>
>
>
>
|