Firewall @ remote location
Misha
misha at insync.net
Thu Nov 4 05:37:04 EST 1999
> Most DSL routers have a firewall feature set. On Flowpoints its only
> about
> $200 (quite a horrible firewall implementation actually), which should
> do
> the job.
>
> Does the bank really want a "horrible" firewall implementation (see
> Bugtraq in both April and August of this year) just because it
> included in the cost of the connection?
Thats exactly why I included that disclaimer. I do think router based
firewall is a bit better than something on the clients end. Ideally of
course, all IPSec vendors would play nice with Cisco. Then despite what
connection you had, you could easily drop off a Cisco 1720 with dual
ethernet interfaces behind your DSL router, running the IOS firewall and
acting at the IPSec gateway. Total cost of under $2k for a firewall and an
IPSec device in one, plus low management costs. In fact this is exactly
what we expect do be doing once we find a vendor who can promise Cisco
interporability. Alternative would be a Nortel Contivity switch and their
new Instant Internet box (starts at $700).
Pix at every site would be great, but even at $5k per box its only
reasonable at the branch offices.
Misha
****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html
We are currently experiencing "unsubscribe" difficulties. If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com
****************************************************************
More information about the VPN
mailing list