Compatible Support Forums
tear

Firewall and security


I'm building a home network and I'm thinking of security.

 

I will have a server with two NICs, one connected to the internet and one to the network via a switch. All the other computers in the network will also be connected to the switch.

 

I believe that installing a firewall will only be necessary on the server machine, right?

 

What firewall should I go with? I was thinking about Norton Professional Firewall, but someone told me that it sends information to Norton about my surfing habits. Should I go with ZoneAlarm or something else instead?

 

What do you think?

 

------------------

Tear

magnus.email@telia.com

magwebdesigns


I have a very similar setup here, and use Winroute on my server. It has a really good built-in firewall, and it does NAT routing etc etc

 

So you can use it to share the internet connection as well.

 

------------------

All your base ARE belong to us.


I was thinking about using WinGate. I believe I read something about it having a built-in firewall; maybe that is enough.


I have WinGate too.

 

With the new beta 4.3 something, there is now NAT for Win2000. You can't use a firewall with NAT on the server in addition to the existing internal firewall. You have to install the firewall (like ZoneAlarm) on each client. If you don't enable NAT, and just use the standard ICS, with the WinGate internet client monitor, then you can have ZoneAlarm on the server.

 

Basically the firewall blocks the NAT.


OK, maybe you should take a look at how much security you think you need. The personal firewalls, Black Ice, ZoneAlarm, etc., are fine and do a pretty good job. They are true firewalls. Winroute, Wingate, Sygate, ICS, and such are proxy programs that use NAT (Network Address Translation) and/or PAT (Port Address Translation). Basically, they allow you to use one address on one network (in this case, the Internet) and share it to addresses on another network (your LAN). The proxy software can also be set up to forward incoming requests from the outside network (Internet) to a specific machine on your inside network (your LAN). For example, you could have all HTTP (port 80) traffic from the outside go to your web server.

 

Now, some companies like to market this as a "firewall" because it's security through obscurity. People from the outside can't (sort of) come in to your LAN unless the information they have was requested from you in the first place. A true firewall will do much more than that (look into Cisco PIX or Checkpoint sites to see what they can do).

 

For basic home networks, the NAT/PAT approach is fine, unless you really want to lock down what applications can get out of your network to the Internet. This is generally more of a concern for people trying to pirate/hack software due to their "spyware" nature to send out information about the PC that it is installed on. If you are *really* afraid of people trying to get into your network, then you may want to go with what euankirkhope spoke of and install ZoneAlarm on all of your PCs and use a proxy on the server. In a typical corporate network, however, you will have only 1 firewall separating the inside from the outside networks.

 

------------------

Regards,

 

clutch
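
The NAT/PAT behaviour described in the post above, as an added example that is not part of the thread or of any product's code: a toy translation table showing why replies and configured port forwards reach the LAN, why unsolicited inbound packets do not, and why outbound traffic is not restricted at all. The addresses, ports and the `PatGateway` class are constructed for illustration, and the strict address-and-port matching is an assumption; real products differ.

```python
# Toy model of a NAT/PAT gateway's translation table (all addresses are constructed).
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"  # documentation-range address standing in for the ISP address

@dataclass
class PatGateway:
    next_port: int = 40000
    # (public_port, remote_ip, remote_port) -> (lan_ip, lan_port), created by outbound traffic
    sessions: dict = field(default_factory=dict)
    # public_port -> (lan_ip, lan_port), configured by the administrator
    forwards: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection; return the (ip, port) the remote side sees."""
        public_port = self.next_port
        self.next_port += 1
        self.sessions[(public_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return PUBLIC_IP, public_port

    def inbound(self, remote_ip, remote_port, public_port):
        """A packet arrives on the Internet side; return the LAN target or None (dropped)."""
        key = (public_port, remote_ip, remote_port)
        if key in self.sessions:          # reply to something the LAN asked for
            return self.sessions[key]
        if public_port in self.forwards:  # explicit port forward, e.g. HTTP to a web server
            return self.forwards[public_port]
        return None                       # unsolicited: no mapping, nowhere to send it

def demo():
    gw = PatGateway()
    gw.forwards[80] = ("192.168.0.5", 80)  # all outside HTTP goes to the web server
    _, pport = gw.outbound("192.168.0.20", 51515, "198.51.100.7", 443)
    return {
        "reply": gw.inbound("198.51.100.7", 443, pport),
        "other_host_same_port": gw.inbound("198.51.100.99", 443, pport),
        "unsolicited": gw.inbound("198.51.100.99", 55000, 139),
        "forwarded_http": gw.inbound("198.51.100.99", 55000, 80),
        # The table never refuses outbound traffic: any LAN application gets a mapping.
        "lan_outbound": gw.outbound("192.168.0.20", 51516, "198.51.100.200", 6667),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The last entry is the gap the post points at: controlling which applications may send traffic out needs a filtering firewall, because the translation table only decides what may come back in.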


But if I do like I said in the beginning of this thread and have a server between the network and the internet, I only have to install a firewall on the server, right?


OK, I'd just stick with the WinGate firewall, and after testing the network at www.grc.com, you can add a firewall later. My network reports as stealth for all ports (this means that the server doesn't respond to outside requests, rather than saying, "no sorry I'm closed").
