Hoj! I would like from you as much comments, ideas as you can find, regarding firewall on Linux solution. In our company are currently decideing on firewall solution. We have about 150 clients (mouslty on WinNT v4 Workstation) on LAN. We also have some project(s) running, where we expect that we will have a lot of client connections from Internet. I find the following criterias on which we will decide: --- Criteria Linux ----------------------------------------- Price (without preice of OS) 0 Percent of extended support *1 N/A Price for support per year 0 Features: Packet filter Da Proxy (technology) Da * WWW Da * FTP Da * SMTP (MAIL) Da * POP3 Da * News (NNTP) Da * Ping Da * RealPlayer N/A * Telnet Da * Rlogin Da * transparent to end users Da * SOCKS support Da * SSL support Da * WWW Cache Da * FTP Cache Da * caching of DNS lookups Da * xxx Virus scanning integration support N/A Authentication support Da Authentication integration support Da Authentication support services Security Dynamics SecurID, Digital Pathways SecureNet Key, and the Racal Watchword URL filter N/A Managment of bandwith N/A Max. Number of DMZ zones Unlimited (limited only by NIC devices) FW administration Telnet connection, (as configured), GTK+ Firewall Control Center, WebMin, IP Firewall Acounting, Kfirewall (X-Windows), ... Support for VPN Da Encrypton supported IPSEC, DES3 Attack detection: * IP Spoofing N/A * external scans Da * attack response posibility N/A * Ping of death 1 Da * Ping of death 2 Da * attacker identification N/A * DoS (Denial of Service) N/A * xxx Poroèanje o napadih (Intruder detection) N/A Logging Da Enables Analize of logs Da Reporting tool Product name N/A Version N/A Vendor N/A Price N/A URL filter Product name N/A Version N/A Vendor N/A Price N/A Operating system Operating system Linux Version Kernel version 2.2.14 Vendor N/A Price 0 Antivirusna protection Product name N/A Version N/A Vendor N/A Price N/A WWW scaning N/A FTP scanning N/A SMTP scanning N/A Authentication software Product name N/A Version N/A Vendor N/A Price 0 --- -------------------------------------------------- Da ... means Yes Ne ... means No N/A ... means Not Available or "I don't know!" -------------------------------------------------- Did I miss any other important criteria? For a lot of criteria factors I don't know the solutions (for example: if it exists the antivirus solution that integrates with Firewall on Linux?), so if you know the answer, please EMail me. Do you know any Internet site, where I could get more informations about firewall comparison? Thank you. ---<>--- Bo¹tjan ©tupica - MCP Product Specialist EMail: bostjanst@siol.net EMail#2: bostjan.stupica@bankart.si WWW: http://www.bankart.si Buss Tel./FAX: +386 (061) xxx-xxxx Home Tel./FAX: +386 (061) 865-135 Mobile: (041) 807-086 ---<>--- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-2"> <META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2448.0"> <TITLE>Linux Firewall questions</TITLE> </HEAD> <BODY> <FONT SIZE=2>Hoj!</FONT> </P> <FONT SIZE=2>I would like from you as much comments, ideas as you can find, regarding firewall on Linux solution.</FONT> </P> <FONT SIZE=2>In our company are currently decideing on firewall solution. We have about 150 clients (mouslty on WinNT v4 Workstation) on LAN. We also have some project(s) running, where we expect that we will have a lot of client connections from Internet.</FONT></P> <FONT SIZE=2>I find the following criterias on which we will decide:</FONT> <FONT SIZE=2>---</FONT> <FONT SIZE=2>Criteria Linux</FONT> <FONT SIZE=2>-----------------------------------------</FONT> <FONT SIZE=2>Price (without preice of OS) 0</FONT> <FONT SIZE=2>Percent of extended support *1 N/A</FONT> <FONT SIZE=2>Price for support per year 0</FONT> <FONT SIZE=2>Features: </FONT> <FONT SIZE=2>Packet filter Da</FONT> <FONT SIZE=2>Proxy (technology) Da</FONT> <FONT SIZE=2>* WWW Da</FONT> <FONT SIZE=2>* FTP Da</FONT> <FONT SIZE=2>* SMTP (MAIL) Da</FONT> <FONT SIZE=2>* POP3 Da</FONT> <FONT SIZE=2>* News (NNTP) Da</FONT> <FONT SIZE=2>* Ping Da</FONT> <FONT SIZE=2>* RealPlayer N/A</FONT> <FONT SIZE=2>* Telnet Da</FONT> <FONT SIZE=2>* Rlogin Da</FONT> <FONT SIZE=2>* transparent to end users Da</FONT> <FONT SIZE=2>* SOCKS support Da</FONT> <FONT SIZE=2>* SSL support Da</FONT> <FONT SIZE=2>* WWW Cache Da</FONT> <FONT SIZE=2>* FTP Cache Da</FONT> <FONT SIZE=2>* caching of DNS lookups Da</FONT> <FONT SIZE=2>* xxx </FONT> <FONT SIZE=2>Virus scanning integration support N/A</FONT> <FONT SIZE=2>Authentication support Da</FONT> <FONT SIZE=2>Authentication integration support Da</FONT> <FONT SIZE=2>Authentication support services Security Dynamics SecurID, Digital Pathways SecureNet Key, and the Racal Watchword</FONT> <FONT SIZE=2>URL filter N/A</FONT> <FONT SIZE=2>Managment of bandwith N/A</FONT> <FONT SIZE=2>Max. Number of DMZ zones Unlimited (limited only by NIC devices)</FONT> <FONT SIZE=2>FW administration Telnet connection, (as configured), GTK+ Firewall Control Center, WebMin, IP Firewall Acounting, Kfirewall (X-Windows), ...</FONT></P> <FONT SIZE=2>Support for VPN Da</FONT> <FONT SIZE=2>Encrypton supported IPSEC, DES3</FONT> <FONT SIZE=2>Attack detection: </FONT> <FONT SIZE=2>* IP Spoofing N/A</FONT> <FONT SIZE=2>* external scans Da</FONT> <FONT SIZE=2>* attack response posibility N/A</FONT> <FONT SIZE=2>* Ping of death 1 Da</FONT> <FONT SIZE=2>* Ping of death 2 Da</FONT> <FONT SIZE=2>* attacker identification N/A</FONT> <FONT SIZE=2>* DoS (Denial of Service) N/A</FONT> <FONT SIZE=2>* xxx </FONT> <FONT SIZE=2>Poroèanje o napadih</FONT> <FONT SIZE=2>(Intruder detection) N/A</FONT> <FONT SIZE=2>Logging Da</FONT> <FONT SIZE=2>Enables Analize of logs Da</FONT> <FONT SIZE=2>Reporting tool </FONT> <FONT SIZE=2>Product name N/A</FONT> <FONT SIZE=2>Version N/A</FONT> <FONT SIZE=2>Vendor N/A</FONT> <FONT SIZE=2>Price N/A</FONT> <FONT SIZE=2>URL filter </FONT> <FONT SIZE=2>Product name N/A</FONT> <FONT SIZE=2>Version N/A</FONT> <FONT SIZE=2>Vendor N/A</FONT> <FONT SIZE=2>Price N/A</FONT> <FONT SIZE=2>Operating system </FONT> <FONT SIZE=2>Operating system Linux</FONT> <FONT SIZE=2>Version Kernel version 2.2.14</FONT> <FONT SIZE=2>Vendor N/A</FONT> <FONT SIZE=2>Price 0</FONT> <FONT SIZE=2>Antivirusna protection </FONT> <FONT SIZE=2>Product name N/A</FONT> <FONT SIZE=2>Version N/A</FONT> <FONT SIZE=2>Vendor N/A</FONT> <FONT SIZE=2>Price N/A</FONT> <FONT SIZE=2>WWW scaning N/A</FONT> <FONT SIZE=2>FTP scanning N/A</FONT> <FONT SIZE=2>SMTP scanning N/A</FONT> <FONT SIZE=2>Authentication software </FONT> <FONT SIZE=2>Product name N/A</FONT> <FONT SIZE=2>Version N/A</FONT> <FONT SIZE=2>Vendor N/A</FONT> <FONT SIZE=2>Price 0</FONT> <FONT SIZE=2>---</FONT> </P> <FONT SIZE=2>--------------------------------------------------</FONT> <FONT SIZE=2>Da ... means Yes</FONT> <FONT SIZE=2>Ne ... means No</FONT> <FONT SIZE=2>N/A ... means Not Available or "I don't know!"</FONT> <FONT SIZE=2>--------------------------------------------------</FONT> </P> <FONT SIZE=2>Did I miss any other important criteria?</FONT> </P> <FONT SIZE=2>For a lot of criteria factors I don't know the solutions (for example: if it exists the antivirus solution that integrates with Firewall on Linux?), so if you know the answer, please EMail me.</FONT></P> <FONT SIZE=2>Do you know any Internet site, where I could get more informations about firewall comparison?</FONT> </P> <FONT SIZE=2>Thank you.</FONT> </P> <FONT SIZE=2>---<>---</FONT> </P> <FONT SIZE=2>Bo¹tjan ©tupica - MCP Product Specialist</FONT> <FONT SIZE=2>EMail: bostjanst@siol.net</FONT> <FONT SIZE=2>EMail#2: bostjan.stupica@bankart.si</FONT> <FONT SIZE=2>WWW: http://www.bankart.si</FONT> <FONT SIZE=2>Buss Tel./FAX: +386 (061) xxx-xxxx</FONT> <FONT SIZE=2>Home Tel./FAX: +386 (061) 865-135</FONT> <FONT SIZE=2>Mobile: (041) 807-086</FONT> </P> <FONT SIZE=2>---<>---</FONT> </P> </BODY>
participants (1)
-
Bostjan.Stupica@Bankart.si