SOHO/Enterprise Firewalls For Windows Networks
Last Updated: 01 Sep 2004
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*** PLEASE NOTE: Link(s), If Provided, May Be Wrapped ***
Many people feel that security on a home (or SOHO)
network is not that important, because they don't have
*critical* data on their systems. It is true that most
home systems and networks are not compromised for their
data. They are compromised for practice purposes, or
to create remote zombies for large-scale Distributed
Denial of Service (DDoS) attacks against other networks.
On a number of occasions, the Internet has been bogged
down through the propagation of Viruses and Worms by
unpatched systems. Remember: Security is not simply
about protecting yourself directly -- it's also about
protecting your neighbor (and the Internet) indirectly.
If your machine is ever compromised, just format it
and rebuild, restoring any necessary data from the
last clean backup. You can never be sure that you've
managed to clean out all the backdoors on such a system.
HARDWARE VS SOFTWARE FIREWALLS
For those connected to the Internet via Cable/DSL lines,
there are now a variety of firewall products for use in
the Home Office, Small Business or Large Enterprise:
Hardware and software firewalls present different pluses
and minus. What you choose depends on skillset, security
needs, cost and time. For the most part, I favor hardware
firewall appliances over software firewalls which are
installed on top a standard OS.
• http://www.giac.org/practical/gsec/Andrew_Baker_GSEC.pdf
Here's my rating for Corporate firewall options:
(from MOST to LEAST desirable)
• Hardware Firewall Applicance
• OpenBSD/Linux based firewall
• Firewall software on a hardened OS
• Broadband Router/Firewall
FIREWALL APPLIANCES
• FortiGate .............. http://www.fortinet.com/products/
• Gnat Box ............... http://www.gnatbox.com/
• GuardianPro ............ http://www.ntguard.com/
• Interceptor ............ http://www.esoft.com/products/interceptor.html
• NetScreen .............. http://www.juniper.net/products/integrated/
• NetWinder .............. http://www.netwinder.net/
• PGP .................... http://www.pgp.com/products/eppliance/
• SnapGear ............... http://www.snapgear.com/
• SonicWall .............. http://www.sonicwall.com/
• StoneGate .............. http://www.stonesoft.com/products/
• WatchGuard ............. http://www.watchguard.com/
SOFTWARE FIREWALL SOLUTIONS
• Absolute Firewall ...... http://www.absolutefirewall.com/
• Blink .................. http://www.eeye.com/html/products/blink/
• Comsocks ............... http://www.linkbyte.com/
• ConSeal PC Firewall .... http://www.candc1.com/conseal/cfindex.htm
• CyberArmor Personal .... http://www.infoexpress.com/
• Cyberwall Plus ......... http://www.network-1.com/
• eSafe Protect .......... http://www.reeseweb.com/personal.htm
• Internet Firewall ...... http://www.digitalrobotics.com/fire.htm
• KerioPersonalFirewall .. http://www.kerio.com/us/kpf_home.html
• LockDown 2000 .......... http://speed.speedlink.com.au/users/esw/security.html
• Norton Security ........ http://www.symantec.com/sabu/nis/
• PGP Personal Firewall .. http://www.pgp.com/products/freeware/
• SyGate Shield .......... http://www.sygate.com/products/
• Tiny Personal FW ....... http://www.tinysoftware.com/
• Vicomsoft InterGate .... http://www.vicomsoft.com/vig/vig.main.html
• Windows ICF ............ http://www.microsoft.com/windowsxp/pro/using/howto/networking/icf.asp
• WinRoute Pro ........... http://www.kerio.com/us/wrp_home.html
• ZoneAlarm .............. http://www.zonelabs.com/
ENTERPRISE FIREWALL SOLUTIONS
• Bivio .................. http://www.networkrobots.com/
• CheckPoint Firewall-1 .. http://www.checkpoint.com/
• Cisco Pix .............. http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/index.shtml
• Elron Firewall ......... http://www.elronsw.com/enterprise/cvfirewall.htm
• Gauntlet ............... http://www.pgp.com/asp_set/products/tns/gauntlet.asp
• Microsoft ISA Server ... http://www.microsoft.com/isaserver/
... http://www.isaserver.org/
• NetScreen Firewalls .... http://www.netscreen.com/products/
• Nokia .................. http://www.nokia.com/securenetworksolutions/
• Raptor ................. http://www.axent.com/Axent/Public/Main?nav=Products
• SecureWay Firewall ..... http://www.ibm.com/software/security/firewall/
• Sidewinder ............. http://www.securecomputing.com/index.cfm?skey=232
ENTERPRISE FIREWALL SOLUTIONS (SPECIALIZED)
• MXtreme Mail Firewall .. http://www.group1ies.com/px_mxtreme.html
INTRUSION DETECTION SYSTEMS
• BlackICE Defender ...... http://www.networkice.com/
• Blink .................. http://www.eeye.com/html/products/blink/
• DShield ................ http://www.dshield.org/
• NeoWatch ............... http://www.neoworx.com/
• LANGuard S.E.L.M. ...... http://www.gfi.com/lanselm/
• ISS Real Secure ........ http://www.iss.net/
• NetProwler ............. http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=50&PID=4431813
• NetWatcher 2000 ........ http://www.moonlight-software.com/netwatcher.htm
• NFR .................... http://www.nfr.com/
• Security Wizards ....... http://www.securitywizards.com/
• Snort .................. http://www.snort.org/
• StormWatch ............. http://www.okena.com/
• SyGate Enterprise ...... http://www.sygate.com/products/
• UnityOne ............... http://www.tippingpoint.com/
• WinSnort ............... http://www.winsnort.com/
• Various ................ http://www.networkintrusion.co.uk/consoles/
SECURITY MANAGEMENT/REPORTING/CORRELATION TOOLS
• ArcSight ............... http://www.arcsight.com/
• Contego ................ http://www.trigeo.com/products.php
• NetForensics ........... http://www.netforensics.com/
• Private-I .............. http://www.opensystems.com/
• REM .................... http://www.eeye.com/html/products/rem/
WIN32 FILE ARCHIVES & RESOURCES
• About Firewalls ........ http://windowsnt.about.com/compute/windowsnt/msub30.htm
• About Security ......... http://netsecurity.about.com/compute/netsecurity/
• Freshmeat .............. http://software.freshmeat.net/search/?q=firewall§ion=projects
• Security Online ........ http://www.security-online.com/info/firewall.html
• SearchNetworking ....... http://searchnetworking.techtarget.com/
• SoftSeek ............... http://www.softseek.com/Utilities/Networking/Proxy_Servers_and_Firewalls
• WhatIs Firewall ........ http://whatis.com/firewall.htm
• Win2000 Security ....... http://www.windows2000security.com/
• CNET Downloads ......... http://download.cnet.com/downloads/1,10150,0-10001-103-0-1-7,00.html?tag=srch&qt=firewalls&cn=&ca=10001
• ZDNet Resources ........ http://www.zdnet.com/eweek/filters/resources/0,10227,6016830,00.html
PACKET FILTERING & STATEFUL INSPECTION
• http://www.ncmag.com/2001_04/packet/
• http://www.sonicwall.com/products/documentation/firewall_SPI.html
• http://www.checkpoint.com/products/technology/stateful1.html
• http://www.netscreen.com/products/firewall/security/stateful_inspection.jsp
REVIEWS & ARTICLES
• http://www.uksecurityonline.com/products/firewalls.php
• http://www.uksecurityonline.com/products/intrusion-detection.php
• http://www.pcmag.com/article2/0,4149,653189,00.asp
• http://www.infosecuritymag.com/articles/january01/departments_products1.shtml
• http://www.spirit.com/cgi-bin/report.pl
• http://www.giac.org/practical/gsec/Andrew_Baker_GSEC.pdf
• http://www.epinions.com/ntwk-Firewall-All-Netscreen_10?sp=i2
• http://www.dalantech.com/ubbthreads/postlist.php?Cat=&Board=reviews&page=0&view=collapsed&sb=5&o=all
• http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=firewall+reviews
SECURITY FAQs & RESOURCES
• http://www.silicondefense.com/support/windows/documentation.php
• http://www.dslreports.com/security/
• http://www.hackerwhacker.com/
• http://security.symantec.com/
• http://grcsucks.com/
• http://www.sdesign.com/securitytest/
• http://security.SnapFiles.com/
• http://hackingthemainframe.com/portscan.php
• http://www.thegild.com/firewall/
• http://lists.gnac.net/firewalls/
• http://www.deathstar.ch
• http://www.enteract.com/~lspitz/audit.html
• http://www.icsa.net/html/communities/firewalls/buyers_guide/index.shtml
• http://www.icsalabs.com/index.shtml
• http://www.phoneboy.com
• http://www.practicallynetworked.com/
• http://www.secure-1.com/faq/fw1/dmz.asp
• http://www.robertgraham.com/pubs/network-intrusion-detection.html
• http://www.securityware.co.uk/intrusion-detection/
• http://www.sans.org/infosecFAQ/firewall/firewall_list.htm
• http://www.dshield.org/
• http://www.cisco.com/warp/public/707/newsflash.html
• http://www.asl-security.com/firewalls/
• http://www.smallnetbuilder.com/
Enterprising souls can also consider configuring a Linux
or FreeBSD/OpenBSD box as a firewall on their network.
LINUX ROUTERS/FIREALLS
• http://www.linux-firewall-tools.com/linux/
• http://www.dalantech.com/coyote.shtml
• http://www.coyotelinux.org/
• http://www.clarkconnect.org/
• http://www.smoothwall.org/
• http://www.freesco.org/
• http://www.e-smith.org/
• http://www.ipcop.org/
OTHER *NIX SOLUTIONS
• http://www.openbsd.org/
• http://www.freebsd.org/
• http://www.linux.org/
BOOKS -- https://brainwavecc.com/Library.html
• Building Internet Firewalls
• Firewalls 24seven
• Building Linux and OpenBSD Firewalls
PERSONAL NOTES
• Favorite desktop firewalls:
Kerio Personal Firewall
Tiny Personal Firewall
SyGate Personal Firewall
• Favorite Network firewalls:
Netscreen
FortiGate
SonicWall
• The FortiGate products sport a very cost-effective
combination of firewall protection with VPN, AntiVirus
and Content Filtering. The CEO and founder is an
ex-Netscren founder.
• The NetScreen product suite is rather outstanding.
They cover the full spectrum: everything from simple
Broadband connections to Gigabit Ethernet Enterprise,
all with VPN support. Their low-end products are very
inexpensive, and outperform many products up to 10 times
more expensive.
• Be careful when using a remote site to perform security
scans or evaluations of your network. You never really
know what might be done with the info they obtain.
• Tiny Personal Firewall now contains an integrated IDS
module
• Remember: Security is not simply about protecting
yourself directly -- it's also about protecting your
neighbor (and the Internet) indirectly.