Hardware firewall enough? And how to configure?

Discussion in 'other firewalls' started by M_S, Dec 8, 2005.

Thread Status:
Not open for further replies.
  1. M_S

    M_S Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    64
    I'm helping a friend with a setup: in their office they have several quite elderly machines linked together on an ethernet, and connected to the outside world via a Dlink DSL-504 router. I've installed NOD32 on each of the machines, and Kerio PF on the one machine running Win 2000. All the others are running 98, and I've had to opt for ZA as software firewall on these machines. But it is so big and heavy that it's slowing them down - and configuring it properly so that all the machines can consistently communicate is proving to be a pain.

    (Yesterday, I could ping each machine from every other, but still had great difficulty saving documents across the network to the server. If anyone has any solutions to this problem, I would be grateful also. I have including 192.168.0.0-192.188.0.255 in the Trusted Zone, but that doesn't seem to help.)

    I am wondering if it might be safe enough to rely on the Dlink router as a firewall, and run these machines without software firewalls? And if you think so, could you point me to a tutorial on setting up the router - here is one link I've seen, but I have never had to deal with this kind of thing before, so wanted to check with your collective experience! http://firewalling.com/dlink/dsl-504-firewall.htm

    Thanks.
     
  2. Arup

    Arup Guest

    I truly understand your plight, the router will give you good inbound protection once set up right, but for outbound, you still need a firewall, the lightest being Kerio2x,which I see you are already using in your Win2K machine, have you tried to install it on your 9x machine yet?
     
  3. M_S

    M_S Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    64
    Actually, it is KPF 4.2.2 that I am running on the 2k machine. I tried 2.15 on two of the machines, but I expect it requires just a little too much attention for these users, who are all quite inexperienced and lacking confidence... What about Filseclab: any opinions? I believe it is very light on resources. Perhaps it's enough?
     
  4. Arup

    Arup Guest

    Filseclab is good but it takes 15m as well as suffers from CPU spikes, best option for you would be Kerio2x with BZ rules, 5.5mb at the most.
     
  5. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
  6. andie

    andie Guest

    I am using Filseclab and so far, I am very pleased. I haven't noticed a cpu spike (perhaps I have just missed it), and the actual memory used is really quite efficient. I turn off the messenger app and only run the xfilter.exe and VM size and "private bytes" from perfmon report around 5 to 6 megs. Occasionally this can creep up to 9 or 10, and if that is a problem, it is quick and easy to shut down the firewall and restart, and it is back to approx 5 megs.
     
  7. Arup

    Arup Guest

    Fully agreed, Filseclab is one of the best free firewall around with rule making interface which is almost as good as Kerio 2x.
     
Loading...
Thread Status:
Not open for further replies.