Device/Firewall for SOHO in AD 2003 Env

TheMSsForum.com: The Microsoft Software Forum

Background:

We have three servers with its own web contents available on the Internet.
Our servers are not behing ANY firewall and would liekt o place behind
firewall (I only want to expose the necessary services to the outside
world - nothing more). Each server is Windows 2003 Std. and one is a DC.

(1) I have three servers internally that has its own public IP.

(2) I want a firewall device to block everything except the web sites
(other services) I have on each one. I want o publish any service (FTP,
RDP, etc) and punch a hole in the firewall device and port forwad to correct
internal IP.

Question:
=======

What device for the SOHO (cheap), that will allow me to forward traffic from
each PUBLIC IP (only 3 servers to forward to) to the correct Internal
Server? Basically, I want a device that will function a simple firewall,
and also port forwards traffic of public IP to the appropriate internal IP /
server.

Hope this makes sense...please let me know what you think - thanks.
Top

Re: Device/Firewall for SOHO in AD 2003 Env by Steve

Steve
Sat Sep 11 12:37:31 CDT 2004

At the cheap end, any $40 cable router will do what you are asking. Their
firewall function is usually just a port blocker - nothing too advanced and
they will only support 1 external IP. They will publish your internal
Servers. The security is pretty good but their are no intrusion detection
mechanisms.

When I was shopping for a commercial product last week, I found the
"Symantec Hardware Firewall Routers" to offer the best prices - starting
under $400.



"Seay" <seay@mail.com> wrote in message
news:eTBpORCmEHA.3428@TK2MSFTNGP11.phx.gbl...
> Background:
>
> We have three servers with its own web contents available on the Internet.
> Our servers are not behing ANY firewall and would liekt o place behind
> firewall (I only want to expose the necessary services to the outside
> world - nothing more). Each server is Windows 2003 Std. and one is a DC.
>
> (1) I have three servers internally that has its own public IP.
>
> (2) I want a firewall device to block everything except the web sites
> (other services) I have on each one. I want o publish any service (FTP,
> RDP, etc) and punch a hole in the firewall device and port forwad to
correct
> internal IP.
>
> Question:
> =======
>
> What device for the SOHO (cheap), that will allow me to forward traffic
from
> each PUBLIC IP (only 3 servers to forward to) to the correct Internal
> Server? Basically, I want a device that will function a simple firewall,
> and also port forwards traffic of public IP to the appropriate internal IP
/
> server.
>
> Hope this makes sense...please let me know what you think - thanks.
>
>


Top

Re: Device/Firewall for SOHO in AD 2003 Env by Seay

Seay
Sat Sep 11 13:19:15 CDT 2004

Ok...along those lines - anything like this with up to 5 PUBLIC IP at least?
Thanks.


"Steve Bruce, mct" <steve@xmaslake.com> wrote in message
news:eRtjOYCmEHA.2884@TK2MSFTNGP09.phx.gbl...
> At the cheap end, any $40 cable router will do what you are asking. Their
> firewall function is usually just a port blocker - nothing too advanced
> and
> they will only support 1 external IP. They will publish your internal
> Servers. The security is pretty good but their are no intrusion
> detection
> mechanisms.
>
> When I was shopping for a commercial product last week, I found the
> "Symantec Hardware Firewall Routers" to offer the best prices - starting
> under $400.
>
>
>
> "Seay" <seay@mail.com> wrote in message
> news:eTBpORCmEHA.3428@TK2MSFTNGP11.phx.gbl...
>> Background:
>>
>> We have three servers with its own web contents available on the
>> Internet.
>> Our servers are not behing ANY firewall and would liekt o place behind
>> firewall (I only want to expose the necessary services to the outside
>> world - nothing more). Each server is Windows 2003 Std. and one is a DC.
>>
>> (1) I have three servers internally that has its own public IP.
>>
>> (2) I want a firewall device to block everything except the web sites
>> (other services) I have on each one. I want o publish any service (FTP,
>> RDP, etc) and punch a hole in the firewall device and port forwad to
> correct
>> internal IP.
>>
>> Question:
>> =======
>>
>> What device for the SOHO (cheap), that will allow me to forward traffic
> from
>> each PUBLIC IP (only 3 servers to forward to) to the correct Internal
>> Server? Basically, I want a device that will function a simple firewall,
>> and also port forwards traffic of public IP to the appropriate internal
>> IP
> /
>> server.
>>
>> Hope this makes sense...please let me know what you think - thanks.
>>
>>
>
>


Top

Re: Device/Firewall for SOHO in AD 2003 Env by Steve

Steve
Sat Sep 11 13:25:02 CDT 2004

Because of the pricing, take a look at the Symantec product - to see how far
up the product chain you have to go to support 5 IP's

"Seay" <seay@mail.com> wrote in message
news:%23jrFZvCmEHA.3900@TK2MSFTNGP10.phx.gbl...
> Ok...along those lines - anything like this with up to 5 PUBLIC IP at
least?
> Thanks.
>
>
> "Steve Bruce, mct" <steve@xmaslake.com> wrote in message
> news:eRtjOYCmEHA.2884@TK2MSFTNGP09.phx.gbl...
> > At the cheap end, any $40 cable router will do what you are asking.
Their
> > firewall function is usually just a port blocker - nothing too advanced
> > and
> > they will only support 1 external IP. They will publish your internal
> > Servers. The security is pretty good but their are no intrusion
> > detection
> > mechanisms.
> >
> > When I was shopping for a commercial product last week, I found the
> > "Symantec Hardware Firewall Routers" to offer the best prices - starting
> > under $400.
> >
> >
> >
> > "Seay" <seay@mail.com> wrote in message
> > news:eTBpORCmEHA.3428@TK2MSFTNGP11.phx.gbl...
> >> Background:
> >>
> >> We have three servers with its own web contents available on the
> >> Internet.
> >> Our servers are not behing ANY firewall and would liekt o place behind
> >> firewall (I only want to expose the necessary services to the outside
> >> world - nothing more). Each server is Windows 2003 Std. and one is a
DC.
> >>
> >> (1) I have three servers internally that has its own public IP.
> >>
> >> (2) I want a firewall device to block everything except the web sites
> >> (other services) I have on each one. I want o publish any service
(FTP,
> >> RDP, etc) and punch a hole in the firewall device and port forwad to
> > correct
> >> internal IP.
> >>
> >> Question:
> >> =======
> >>
> >> What device for the SOHO (cheap), that will allow me to forward traffic
> > from
> >> each PUBLIC IP (only 3 servers to forward to) to the correct Internal
> >> Server? Basically, I want a device that will function a simple
firewall,
> >> and also port forwards traffic of public IP to the appropriate internal
> >> IP
> > /
> >> server.
> >>
> >> Hope this makes sense...please let me know what you think - thanks.
> >>
> >>
> >
> >
>
>


Top

Re: Device/Firewall for SOHO in AD 2003 Env by Seay

Seay
Sat Sep 11 13:52:18 CDT 2004

Looks like I found a deal... http://www.shopping.com/xPC-~PD-20763017~NS-1

About product...

http://support.dlink.com/products/view.asp?productid=DFL%2D80


"Steve Bruce, mct" <steve@xmaslake.com> wrote in message
news:etNsxyCmEHA.2180@TK2MSFTNGP12.phx.gbl...
> Because of the pricing, take a look at the Symantec product - to see how
> far
> up the product chain you have to go to support 5 IP's
>
> "Seay" <seay@mail.com> wrote in message
> news:%23jrFZvCmEHA.3900@TK2MSFTNGP10.phx.gbl...
>> Ok...along those lines - anything like this with up to 5 PUBLIC IP at
> least?
>> Thanks.
>>
>>
>> "Steve Bruce, mct" <steve@xmaslake.com> wrote in message
>> news:eRtjOYCmEHA.2884@TK2MSFTNGP09.phx.gbl...
>> > At the cheap end, any $40 cable router will do what you are asking.
> Their
>> > firewall function is usually just a port blocker - nothing too advanced
>> > and
>> > they will only support 1 external IP. They will publish your internal
>> > Servers. The security is pretty good but their are no intrusion
>> > detection
>> > mechanisms.
>> >
>> > When I was shopping for a commercial product last week, I found the
>> > "Symantec Hardware Firewall Routers" to offer the best prices -
>> > starting
>> > under $400.
>> >
>> >
>> >
>> > "Seay" <seay@mail.com> wrote in message
>> > news:eTBpORCmEHA.3428@TK2MSFTNGP11.phx.gbl...
>> >> Background:
>> >>
>> >> We have three servers with its own web contents available on the
>> >> Internet.
>> >> Our servers are not behing ANY firewall and would liekt o place behind
>> >> firewall (I only want to expose the necessary services to the outside
>> >> world - nothing more). Each server is Windows 2003 Std. and one is a
> DC.
>> >>
>> >> (1) I have three servers internally that has its own public IP.
>> >>
>> >> (2) I want a firewall device to block everything except the web sites
>> >> (other services) I have on each one. I want o publish any service
> (FTP,
>> >> RDP, etc) and punch a hole in the firewall device and port forwad to
>> > correct
>> >> internal IP.
>> >>
>> >> Question:
>> >> =======
>> >>
>> >> What device for the SOHO (cheap), that will allow me to forward
>> >> traffic
>> > from
>> >> each PUBLIC IP (only 3 servers to forward to) to the correct Internal
>> >> Server? Basically, I want a device that will function a simple
> firewall,
>> >> and also port forwards traffic of public IP to the appropriate
>> >> internal
>> >> IP
>> > /
>> >> server.
>> >>
>> >> Hope this makes sense...please let me know what you think - thanks.
>> >>
>> >>
>> >
>> >
>>
>>
>
>


Top