Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: Re: What firewall for small medical research lab

Re: What firewall for small medical research lab

From: Alice Bryson <abryson_at_bytefocus.com>
Date: Wed, 10 May 2006 09:45:47 +0800

hi there:
    Fortinet FortiGate 60 possibly is suitable for you. I has
integrate Anti-Virus, IPS, VPN, Anti-Spam, Web-filter and etc
together, and it's cheap.
    See http://www.fortinet.com

2006/4/27, rmillisl_at_millis-it.com <rmillisl_at_millis-it.com>:
> I have been asked to research what good, low cost, firewall solutions
> might prove suitable for a medical research lab at a local University to
> protect confidential patient data from outsiders.
>
> In addition to other research I though I would ask here.
>
> I realize a firewall is just one component of an overall security policy /
> implementation.
>
> Basically what is needed is a simple NAT box that generally keeps
> outsiders out, and allows authorized lab servers and workstations to
> access certain services out on the main building network (DNS, IMAP, POP,
> SMTP, HTTP, HTTPS, FTP, SSH) and through that network to the Internet
> (through the main building campus/network).
>
> Cost is a very important factor so suggested solutions have been:
>
> - Pay someone to set up a PC based firewall running on surplus hardware
> using either Fedora Core 5 and Shorewall 3.0.6 (to allow easy
> configuration of iptables rules). The hardware and software cost are low.
> The time could add up. I have considerable experience with this so this
> would be the lowest learning curve. Problem is Fedora with its frequent
> updates may make managing this more of a chore.
>
> - Pay someone to set up a a PC based firewall running on surplus hardware
> using either OpenBSD 3.7 or 3.8 and pf. The hardware and software cost are
> low. The time could add up. I have some OpenBSD experience and no pf
> background.
>
> - Pay someone to set up a a Linksys or D-Link broadband
> switch/firewall/router. The hardware cost is low. The time to set up may
> be minimal (Plug&Play + some common sense and provided firewall/filter
> capabilities). Are these a serious and secure enough solution?
>
> - Some other low cost hardware or software based alternative. What else
> might be out there that I don't know about that might be comparable in
> cost to the D-Link or Linksys options.
>
> The PC based solutions I personally have the most confidence in with
> respect to hand crafting a minimal OS build and hardening and patching the
> OS and doing rules mostly by hand. With pf there is some concern of errors
> introduced due to learning curve.
>
> Comments? Suggestions?
>
> 

--
Homepage: http://www.lwang.org
mailto:abryson_at_bytefocus.com
Received on May 10 2006
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos