Nate look at V-ONES SMARTGATE product. You don't have to replace your firewall either. It will run on your internal hosts and can provide configurable access to different departments.
I am an assistant to the system administrator for the Universtiy of
Kansas EECS apartment and was wondering if anyone had any recomendations
for firewall software. The way we currently have our systems configured,
ftp and telnet access are allowed from trusted hosts inside the
building, but outside traffic is logged and denied access by TCP
wrappers unless the telnet session attepmting to connect is SSH.
Recently it has become apparent that the major threat is actually inside
the department. We would really like to beef up security between the
trusted hosts without sacrificeing ftp, telnet, ping, or any other
useful application or slowing the system down much.
Any advice would be appreciated,
----------End of Original Message----------