
Central managed Firewall for 250+ laptops

  • 22-10-2003 10:03am
    #1
    Registered Users, Registered Users 2 Posts: 731 ✭✭✭


    Hi


    Does anyone know of a centrally managed firewall for 250+ laptops?

    I need to be able to create a rule etc. on my server and configure etc. from a central point, and when a user logs on remotely their firewall gets configured accordingly.

    I know of Zonealarm Integrity so far but does anyone have any other recommendations?

    Tks,

    Dwayne


Comments

  • Closed Accounts Posts: 6,143 ✭✭✭spongebob


    Cisco PIX, it is a piece of hardware with embedded software.

    M


  • Closed Accounts Posts: 12 dilbert_ie


    Hi,

    I used to use Raptor and Check Point (1997 -> 2001).

    Check Point seemed to offer the best mobile options so that you could connect over the internet to your office firewall and authenticate.

    Firewall to firewall is another problem entirely, but if you only want laptop to firewall, Check Point does the job.

    I would recommend that you get some training on it though, as there are a multitude of options. Also, SCSI disks are a must due to the amount of logging and disk accesses that firewalls perform.

    If you need your firewall to set up a VPN with another firewall, save yourself a lot of pain and make sure that they are identical. In theory they are supposed to talk to each other but in practice we never got it to work.


  • Registered Users, Registered Users 2 Posts: 4,484 ✭✭✭Gerry


    I'm not sure what you are trying to do here. Are you trying to run a personal firewall on each laptop, and manage them from a central location? If so, don't bother. Personal firewalls are fairly rubbish compared to a centralised Cisco firewall or Unix box.


  • Registered Users, Registered Users 2 Posts: 731 ✭✭✭dwayneburke


    Hi,

    That's what I'm exactly trying to do. I have 250+ sales guys who dial into our VPN concentrator with their own laptops.

    These guys also dial up their own internet connection and sometimes start running programs like Kazaa etc. which are usually riddled with worms etc. I want to stop all these programs and block ports etc. They are running Win98/2000 and I want to be able to push out policies when needed from a central location.

    We are a financial institution so privacy and security is paramount.

    Any ideas?

    Tks


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,563 Mod ✭✭✭✭Capt'n Midnight


    Financial institution, 250+ laptops => big budget.

    So simply block all dial-up connections from their machines to anywhere other than yourselves - if they want internet access they dial you and go out through your corporate firewall. It also means they have to log on, which allows AV software updates etc.

    Check the IT policy - it probably already says they can't use the laptops for personal use or connect to other networks (at least it should, considering the nature of the organisation).

    ESAT (for example) can set up a freephone number for them to dial into, and have a RADIUS server processing the SecurID keyfobs.

    Let them know that if you find ANY indication of other dial up connections or viruses you'll re-image their machines :D

    Unfortunately with Win98 they can bypass ALL security - so may have to put them outside a firewall to protect your internal network (just something to think about.)

