View Full Version : Firewall for adsl
I will finally have an adsl connection in two weeks. I will have my home lan connected to the net :)
What kind of protection should I use?
Do you recomend any home firewall (hardware or software)? Any speciall router with firewall abilities?
Any other comment? thanks
For home use with ease of use, stability, full features, and (as far as I can tell from the opinions of comparative, to me, experts, and security evaluation sites) effective protection, I recommend either sygate personal firewall, or tiny personal firewall. You have a LAN, however, and the per-task protection might not be quite as fully useful for you.
I do believe a router (some, not all, I guess you'll get more info from others or can search for a review) is the best bet for complete security for the entire LAN, however.
I just thought I'd get you started, as both the firewalls I mention have excellent free versions. Of course, their is ZoneAlarm...but...er...I just got completely sick of the instability in that product at the beginning of this year, and ditched it happily.
I agree, probably a router with some internal firewall to protect the lan is the start (security is a never end job). Some routers have NAT and port filtering. Cisco has a new almost cheap home router (soho 71) with a "Stateful Firewall" and a lot of features: http://www.cisco.com/univercd/cc/td/doc/pcat/soho71.htm
I will search more.
How many computers will you have connected on the LAN?
the reason I ask is that there are many 4 port cable/DSL routers available out there that have built in firewalls and are realtively cheap. The one that I liked best was the SMC Barricade SMC7004AWBR with 3 10/100 ports, wireless access point and printserver - its about £150 over here but unfortunalty there was virtually no stock when I was looking so I had to settle on one with less functionality.
I will have 4 computers connected to the lan (two micros, 1 server and 1 notebook).
The telecom company will provide an adsl modem with ethernet port (maybe ericsson or 3com, depending on what they have available) then I will need a dual ethernet router.
edited: I would like one with IPsec pass-through to use with VPN client.
Well, any of the Cable/DSL Routers will have an ethernet in from the DSL/Cable unit and route it to all the other computers.
However, if you have a server why not just get that to do it? Just stick two network cards in it and have a hub plug everything into the hub and let the server be the internet gateway for all the other PC's on the network. Some firewall software can just be bunged on the server as well.
-Not all dsl routers have two ethernet ports, some have one adsl port and one ethernet port only (with 3 or 4 connectors).
-Maybe I could configure the telecom modem (if it is a router) but it will change the SLA and it is their equipment.
-I could use the service without firewall because the associated ISP have some firewall to the internet, but does not protect me from the ISP or other ISP users and I have no control.
- The server I have for some technology tests and it is not always on.
Looks like the solution is a small dual ethernet router with firewall.
I'm using a D-Link DI-704 4 port router. I bought it for $89 US. It works well and has a hardware firewall that works great. I have two systems and my server in my LAN and all are connected to the NET through the router to a cable modem.
First thanks all for the advices :)
I found this interresting page:http://www.firewallguide.com/hardware.htm#Comparative
I am reading the reviews and downloading the PDFs.
I am detailing the initial requirements:
- dual ethernet router (one 10 and the other 10/100)
- NAT & SPI
- NetMeeting support is a plus
Simple users my have problems with all this technology.
I will post later what I find.
I will try the Cisco soho 71 because:
- It is the Cisco 806 with half the ram memory (16MB).
- It has IOS that I can optionally program by hand.
- It will be fast (low latency).
- It will probably be as fast as the Cisco 806 with IPsec (350kbps).
- Probably some support for Netmeeting H.323
- I can use the Cisco VPN with other Cisco routers.
- The downside is the price.
I also liked the below:
- SMC Barricade SMC7004FW
- Dlink Di704P and Dfl300 (great features/fast but expensive $386)
I'm using the Barricade myself, and I love it--for the price I paid (about $50 after M.I.R.), with included print server, it can't be beat. I dont know what IPsec is, though, so I can't say whether the SMC will meet all your needs.
In addition, I use TinySoft's Tiny Personal Firewall on my machines (Windows)--unlike ZoneAlarm, it starts as a sservice, before any other software loads. ZoneAlarm has a pretty glaring security hole, in that a virus can disable it when Windows starts--AFAIK, it isn't run as a service. They might have changed this, tho--I haven't checked on it recently. Tiny takes up little RAM, minimal performance hit, and can be much configured much more accurately than freeware ZA.
IPsec is a way to connect from the internet to the lan using a security channel. Lets say you are visiting someone (with your notebook) and want to connect to your home, you can do it with IPsec.
SMC and D-link are first class products. IIRC there are SMC models with IPsec.
thanks Pete :wink:
edit: To be honest I chose Cisco because of the IOS software, I have a special use for it.
I just run IPchains on a linux box. If you have a lan, then you probably have an old pc lying around and are pretty computer literate. It's a bit of a learning curve, but you can configure your own rules which is nice, like anything from 555.555.555.555 DENY.
Anyhow, it's free.
I finally have a adsl connection at home :)
I have to import the adsl firewall and some other hardware ;) , but the Telecom/ISP adsl modem is NAT capable, then I can start the lan without wait.
The adsl service for homework is really good, faster and cheaper than the ISDN I had before.
vBulletin® v3.8.6, Copyright ©2000-2013, Jelsoft Enterprises Ltd.