Hello everyone,

My uncle's company requires an excellent firewall at both the server and client level, like how ISPs give away firewalls to their customers, they want to give a firewall license to their employees.

They need a decent firewall for servers AND clients, ones that would protect their network properly, are very compatible with each other and easy to use...

Cost is not an issue, but its a nice bonus if its free...

Any suggestions?

-{ Quote: "... they want to give a firewall license to their employees." }-
Could you clarify, is this for employee use at home or for securing workstations/servers at the office?

Regards,

CrazyM

Such a firewall would veed to be managed centrally and would know how to distinguish between lan-attached mode (lower protection) and stand-alone mode (or attached to a not centrally managed lan, with higher protection level).

Check out Checkpoint integrity flex (former zonealarm) and Sygate enterprise.

There are (as far as I now) no free corporate class personal firewalls, although you might say that XP SP2 is a centrally manageable fw, but it's lacking some features that the others do: outbound process control and two protection modes, although the high protection mode can perhaps be overruled by the low protection one by applying group policies in the active directory. I wouldn't bet my money on it.

( forgot to mention this: outpost is coming to your desktop in an office version, looking good to me :))

-{ Quote: "Could you clarify, is this for employee use at home or for securing workstations/servers at the office?

Regards,

CrazyM" }-
Both.

What do you use for enterprise virus protection? You may want to think about building on that. For example, if you use Symantec AV, you could upgrade your licenses to Symantec Client Security to take advantage of the client fw. If you can integrate with existing security software, this will ease the deployment/administration for the network admins.

The following table comes from eEye's Blink product page (so its obviously skewed towards them), but I believe it was original published by Network World. Anyway, it shows basically all of the enterprise-level endpoint security products. Some are more host-level IPS products, while others are host firewalls... the table sort of gives you an idea.

http://www.eeye.com/html/assets/blinkCompMatrix.gif

Thanks a lot for that, Alec. I'll tell my uncle to catch up on this thread...

-{ Quote: "Originally Posted by CrazyM
Could you clarify, is this for employee use at home or for securing workstations/servers at the office?

Originally Posted by Firecat
Both." }-
For employee use at home there are many good software firewalls available, both free and paid. Finding one that everyone would be happy with is another thing as personal preference and needs will vary. The exception being if this is for company laptops going home, in which case the company would define what would be used.

As for the company needs does your uncle have any IT staff? A proper risk assessment should be done, a security policy defined including hardware and software requirements, acceptable use policy for all employees, etc. No small task and there will be a price tag attached.

Regards,

CrazyM

Well basically its for laptops of employees being carried home. There is no IT staff. The rest I'll enquire.