[tclug-list] OT: Hardware Firewalls - recommendations

Fri Aug 18 09:05:11 CDT 2006

We use Astaro Secure Gateway on a pc as our perimeter security but they
now have hardware firewall appliances also.  It does very well in
reviews.  We have been using it for 1 1/2 years now.  It has virus
protection and surf restrictions, packet filter rules, routing and all
the other stuff you'd expect in a firewall.

The blocking of driver license number will probably take a special
filter no matter what route you go.  How are you going to tell a DL#
from a SS# from an account number (all of which you probably want to
block) from a number of other sorts?  There are products specially
designed to handle this sort of thing, though I have never used any of
them.

Larry R. Pint
National Truck Underwriting Managers, Inc.
larry.pint at ntuminc.com
952-229-3451

> -----Original Message-----
> From: tclug-list-bounces at mn-linux.org [mailto:tclug-list-bounces at mn-
> linux.org] On Behalf Of Randy Clarksean
> Sent: Thursday, August 17, 2006 6:08 PM
> To: tclug
> Subject: [tclug-list] OT: Hardware Firewalls - recommendations
> 
> 
> I am working with a banking client.  They need to upgrade their
> firewall.  I would like to find a hardware based solution to protect
> them, rather than configuring a PC with just a firewall on it (they
need
> to be able to check the logs, etc. easily).
> 
> I have run across the Firebox Edge X5 ... nice looking system, has
> logging, filtering, blocking, can also ban URLs, etc. The one thing I
am
> looking for in addition to that is the ability to scan email
attachments
> as they go out of the system ... as to size .. or if driver license
> numbers are contained in the message/attachment.  The long and the
short
> of it is that I need to scan things as they go out and strip
attachments
> if possible.
> 
> Thoughts?  Suggestions?  Experience in getting hardware like this?
> 
> The internal server will be running Windows server 2003 ... but it
will
> not be running a mail server or anything of the sort.  Their email is
> handled by an outside ISP.
> 
> Thanks in advance.
> 
> Randy
> 
> 
> 
> 
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> tclug-list at mn-linux.org
> http://mailman.mn-linux.org/mailman/listinfo/tclug-list