Corporate firewall

Hello all, as you see I am new in here.
I have a question related to the corporate network security - what kind of firewall should we use for protecting our network from intruders? The firm where I work is close related to transport and logistic so every chunk of information is very useful for our direct business competition. I wish to secure Wifi, also the information flow between the Center and Warehouse also. The Center and Warehouse are not located nearby so we must have connection through internet. Also, our company have branch office in other country and we need to connect to them. I was wondering about using private Cloud service with some decent firewall and VPN. Any suggestions? Thank you in advance.
ps: sorry for horrible English, not my native language.

 

I think you need to hire a an IT specialist to setup you infrastructure.

There is just so much you can hope to achieve from an online post in a public forum.

 

Depends on how many machines you want to protect and what systems are involved.

a) You can go for a corporate security system like e.g. "Symantec endpoint security","McAfee VirusScan Enterprise","Sophos EndUser Protection",etc.

b) If all your systems are windows Vista/7/8 (Business,Professional,Enterprise or Ultimate versions) you can use windows "Group policy firewall" http://technet.microsoft.com/en-us/library/ff602918(v=ws.10).aspx

In both (a) and (b) you must use a strict default deny policy and allow only the needed applications to have network access and the programs that are related to your job should have only access to the local networks and the vpn.

If you use VPN, pay attention to not store any important data to the vpn servers/gateways because their software firewalls won't be able to filter the traffic that passes through the vpn.
e.g. You should configure your network like this.
local_pcs_with_important_data_+_firewall <-> local_vpn_gateway <-> remote_vpn_gateway <-> remote_pcs_with_important_data_+_firewall
or better
local_pcs_with_important_data_+_firewall <->local_central_firewall <-> local_vpn_gateway <-> remote_vpn_gateway <-> remote_central_firewall <-> remote_pcs_with_important_data_+_firewall

One of the best vpn solutions is openvpn.
As for central firewall depends on your needs and budget (hardware firewall or software firewall on dedicated machine e.g. Untangle,etc.).

Panagiotis

 

Thank you both very much for the reply.
Yes, Pandlouk, we will use (I believe) around 20-25 PC's in the network. As the security is a requirement in this corporation (and in others too I think) they don't ask for the "weight" of the money that should be spent for the infrastructure. So, literally, there are no restrictions in that point. I will do more research after your post to find the most appropriate setup that can give as much "privacy" as can.
Thank you again.
Regards