Great Circle Associates Firewalls
(December 1997)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Intro & question: looking for FW recommendation
From: John Palmer <jpalmer @ pobox . com>
Date: Sun, 28 Dec 1997 19:37:07 -0500
To: firewalls @ GreatCircle . COM

Greetings & Happy Holidays to all!!

This is my first posting to the Firewalls list. I work in IS as a
Systems/Network Administrator.  My background includes programming,
networking.  My TCP/IP knowledge isn't very strong, but I'm not IP-stupid. :)

The network I admin is Token-Ring based, with OS/2, 95 and NT clients on a
single subnet.  The facility I am at is a satellite connected to the
company WAN/corp HQ's through a router & leased line.

There are several users at the facility that have Internet access, and
several more that are asking for access.  All current Internet users must
follow company policy for dialup access: physically disconnect from the
LAN, connect to the Internet, conclude your business, run a virus scan...
and then you may physically reconnect to the LAN. (did I hear some eyeballs
roll?)

I'm looking at the possibility of setting up a firewall & 56K line to our
local ISP.  The current average monthly local phone charges + cost of
maintaining several 28.8 dialup accounts is > than cost of a dedicated 56K
line to the ISP. Also add in the fact that all of the local 28.8 dialups
suck up our trunks lines... we're getting reports of busy signals
frequently. It would be more cost-effective to to the latter above.

(enough background, on to the question - if you haven't gotten bored and
deleted this yet)

So I am looking for recommendations for a firewall / connection to the
Internet.  There is no need for incoming FTP, Telnet or HTTP from outside
the firewall.  Mail may be a possibility in the future, but as a general
rule, there is nothing to be shared with the world.  If a user inside the
firewall runs FTPD or TELNETD, the firewall must still block anything
incoming.  

Corporate HQ is currently testing a firewall package for their own Internet
access, but satellite facilities such as mine will be unable to use the
firewall. 

I'm looking for something that fits the criteria above.  Any questions or
points that I'm missing? I can't set up a firewall unless it/the plan is
completely approved by Corporate IS/Security etc. So I'm trying to do all
of the homework possible before proceeding.  

Thanks in advance, 

John






/*
-----------------------------------------------------------------------------
   UNDER CONSTRUCTION
   This tag line made from 90% post-consumer recycled letters.

----------------------------------------------------------------------------
- */

Indexed By Date Previous: NAT vs. transparent proxie
From: "Martin Esslinger" <esslinger @ bigfoot . com>
Next: RE: configuring Ciscos' As proxy
From: Peter Cucinell <cucinell @ hawksbill . sprintmrn . com>
Indexed By Thread Previous: NAT vs. transparent proxie
From: "Martin Esslinger" <esslinger @ bigfoot . com>
Next: RE: Intro & question: looking for FW recommendation
From: Joseph Judge <joej @ ma . ultranet . com>

Google
 
Search Internet Search www.greatcircle.com