Hardware Firewalls: Necessary Or Not

Mar 23, 2007

I'd like to know what the current "best practice" thinking is with regard to hardware firewalls. Are they really necessary for a Linux server running a solid iptables-based software firewall? Or do they simply add another potential point of component failure?

What are the pros/cons to deploying a hardware firewall vs. going iptables-only on the server?

View 5 Replies


ADVERTISEMENT

Firewalls

Jan 12, 2007

I have just taken delivery of a shiny Windows 2K3 server from a2b2.com and wanted to secure it so that only remote desktop and port number 3306 from certan IP address are allowed to connect to it. I would also like to have NO outgoing connections allowed at all.

My questions are 1) Is this able to be done? and 2) Approximatly how much would it cost.

View 9 Replies View Related

Software Firewalls

Sep 6, 2007

I am about to sign up for a VPS host which doesn't seem to offer hardware based firewalls which means that I am stuck with software based ones. Perhaps I am being old fashioned, but this do make me a bit nervous, as I have the impression that a hardware based firewall is better (of course assuming correct configuration and such)....should I be worried? Is Windows Firewall to be trusted or should I look for something else? My concern isn't only if the firewall will stop any attacks or not, but also at what cost, considering CPU, memory etc. Any comments and recommendations would be apprechiated. I'm not NASA or anything, so I don' really think that the worlds hacker elite is going to come after me, but from what I see in the logs of my current firewall, there is a lot going on on the internet these days and it isn't all good.

View 14 Replies View Related

Is There Any Free Firewalls Available For Cent OS ?

Jan 8, 2008

Are there any free Fire walls available for CentOS 32 bit ?

I heard APF Firewall . Is that APF Firewall free ?

Is that APF Firewall has enough security ?

Is that slow down my server?

(p4 -D 3GHz / 1GB Ram)

View 10 Replies View Related

Windows Firewalls, Which One To Choose?

Dec 28, 2008

I am in the process of looking for a firewall to install on my windows server.

However, which firewall is the best?

Is it better looking for a hardware firewall (Cisco 5510 Firewall) or a software firewall (Quick Heal Firewall Pro)?

View 12 Replies View Related

IPTABLES (Linux Firewalls)

May 21, 2006

IPTABLES(Linux Firewalls)

Use Of Iptables?

Filtering packets based on a MAC address and the values of the flags in the TCP header. This is helpful in preventing attacks using malformed packets and in restricting access from locally attached servers to other networks in spite of their IP addresses.

Firewall also keeps track of each connection passing through it and in certaincases will view the contents of data flows in an attempt to anticipate the next action of certain protocols. This is an important feature in the support of active FTP and DNS, as well as many other network services.

How IP Tables works?

All packets inspected by iptables pass through a sequence of built-in tables (queues) for processing. Each of these queues is dedicated to a particular type of packet activity and is controlled by an associated packet transformation/filtering chain.

There are three tables in total. The first is the mangle table which is responsible for the alteration of quality of service bits in the TCP header. This is hardly used in a home or SOHO environment.

The second table is the filter queue which is responsible for packet filtering. It has three built-in chains in which you can place your firewall policy rules.

a) INPUT Table b) OUTPUT Table c) FORWARD Table

General Syntax of the iptables is as follows:

IPTABLES -A {INPUT,OUTPUT,FORWARD} -p {tcp,udp} --sport(dport) -s {ip} -j {DROP,REJECT,ACCEPT}

To Block the incomming ip:
IPTABLES -A OUTPUT -p tcp --sport{1..65535} -s {ipaddress} -j DROP {REJECT}
To Block the outcomming ip:
IPTABLES -A INPUT -p tcp --sport{1..65535} -s {ipaddress} -j DROP {REJECT}

You can also use --dport instead of --sport & you can use -d instead of -s which specifies source or destination respectively.

View 0 Replies View Related

Security Config 2 Firewalls

May 21, 2008

We are upgrading to a managed server from a VPS. Our main concern is security as we process customers' confidential personal information but don't have large volumes of traffic. Our application developer is recommending the following config:
Firewall --> Web/App Server --> Firewall --> DB Server

The logic being that if the first firewall is breached at least they don't have access to the DB.

Is this really critical or do you think we can start with:
Firewall --> Web/App/DB server?

Obviously budget is a concern and since we will have low traffic for the next few months it seems silly to pay double if it isn't really needed?

View 3 Replies View Related

Do I Have To Reinstall Firewalls, EAccelerator, Etc After I Re-build Apache?

Feb 21, 2007

Do I have to reinstall or re-config firewalls (BFD, APF, etc), eAccelerator, etc after I re-built Apache?

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved