HI guys, can you recommend a good firewall to be used on a server? 2003/2008 32bit/64bit, please dont mention built-in firewall. - I am looking for a third party software - it does not have to be free, just good for a company use.. Thanks!
Hi, At this point I only need software firewall to evaluate, we already have hardware in place. This software needs to be able to be installed directly into windows server. Kerio works on 2k8r2, still lookeng for alternatives, any other suggestions? thanks so much for the suggestions already given...
I recommend using Kaspesky Internet Security for Window Server box. Using Hardware firewall together with ForeFont Threat Management Gateway (or ISA 2006) for the enterprise.
My reccomendation: Put an ISA 2006 box in front of the Server(s) you want to protect. Configure it and go. There are alternatives to ISA 2006 though, you can use IPCop, m0n0wall, untangle or smoothwall if you wish. Hell, you can even use a VM acting as a router to better firewall off your server.
software: Microsoft ISA 2006, Symantec Endpoint Protection (Antivirus + mini Firewall) + Built-in Firewall of W2008 (Better than 2k3 so far) hardware: SonicWall, Mcafee, Bluecoat, Cisco, Juniper...
unless your server is on the edge of your network what is the point of a firewall. If it is a real server then putting a firewall on it is going to hamper the purpose of it which is to serve clients. Most companies/admins don't put firewalls on their internal servers because it causes more problems than it solves. There aren't really many stand-alone firewall programs out there anymore. WinRoute is more like a software router than a Firewall. Most firewalls are either hardware or in the software case built into an existing AV client.
Application Load balancer Can Any one recommend a good Application Load balancer, that has proxy and caching capability, apart from Zeus Technology Cheers
Take a look at Pfsense, Clarkconnect 5.0 and ClearOS 5.1. ClearOS is the new Clarkconnect which is still in the beta testing process state. For your own need i think Pfsense will do the job and it's very stable.
U pretty much summed it up there... no way is it a good idea to put a firewall on an internal server. Don't do it, you'll get headaches. A firewall between servers though is definitely a good idea as it will allow you to control and better monitor the ports used to connect them. Also a software firewall would likely not comply as it would violate the provision around servers providing a single primary function. My two cents
Router...period. Software firewalls are vulnerable to malware , corrupted OS components, failing harddrives to name a few. Quality hardware routers are reliable assuming they're properly configured and secured. Note: You need the ability to block a port(s) reliably in case of attacks or 0-day vulnerabilities for example, routers are again ideal here. The biggest complaint I have had are those needing tons of open incoming ports for some services like passive FTP. We just changed to a FTP server software that allows limiting the passive range.
Recommendation Forefront Threat Management Gateway to protect your inside network from Internet (Edge Firewall) or perimeter network (Backend Firewall)... But if your only concern is the server itself build-in firewall will suffice as long as the server is updated with latest security updates...