Posted on Aug 12, 2015
SGT Writer
13.9K
60
58
4
4
0
Avatar feed
See Results
Responses: 15
Cpl Software Engineer
5
5
0
There are several regulations, edicts, or industry practices that require firewalls between certain types of servers. For the client I develop for at the company I work, there are firewalls between front end, middle wear and database servers. Not to mention there are firewalls separating each client and on the core switch coming into our data-center. For PCI compliance we don't even store credit card information. We've outsourced it to a company that specializes in processing and storing credit card data.
(5)
Comment
(0)
GySgt Carl Rumbolo
GySgt Carl Rumbolo
9 y
For business use I tend to favor Checkpoint, at one time I had a Watchguard SOHO device, it was adequate but really didn't meet some of my needs in terms of multiple VPN end points etc - it became an issue around licensing costs. Cisco makes good product, again, licensing can be a cost driver for Cisco (as well as Checkpoint).

I do some level of consulting work on the side for small businesses and for that my go to solution is the Ubiquiti series devices - it's relatively inexpensive, and properly configured very secure - though you really need to know what you are doing. It will meet PCI testing standards, and in addition is fully in line with requirements to meet HIPPA security needs.
(0)
Reply
(0)
GySgt Carl Rumbolo
GySgt Carl Rumbolo
9 y
SGT (Join to see) - SSH is not a firewall, so not sure of the relevance. SSH is essentially secure telnet. An access solution.
(0)
Reply
(0)
LCpl Arrick Moore
LCpl Arrick Moore
9 y
I've used the 4.... Checkpoint, SonicWALL, WatchGuard and Cisco.... I very much prefer the checkpoint, but in order of user configurability and cost of configuration, it would be cheapest to most expensive... watchguard, sonicwall cisco, checkpoint...
(1)
Reply
(0)
SGT Writer
SGT (Join to see)
>1 y
LCpl Arrick Moore - Never heard of Checkpoint. You seem to have nothing but great things to say about it, though.
(0)
Reply
(0)
Avatar small
SSgt Alex Robinson
2
2
0
I have a hardware firewall and would never think of not having one
(2)
Comment
(0)
SGT Writer
SGT (Join to see)
>1 y
Could you recommend a some products to look into if I wanted to learn more?
(0)
Reply
(0)
SSgt Alex Robinson
SSgt Alex Robinson
>1 y
Barracuda or sonicwall
(1)
Reply
(0)
SGT Writer
SGT (Join to see)
>1 y
Thanks.
(0)
Reply
(0)
SGT Writer
SGT (Join to see)
7 y
SSgt Alex Robinson - Are those suggestions different now? Regardless, can you specify some products to consider?
(0)
Reply
(0)
Avatar small
Sgt Ken Prescott
2
2
0
NMCI told me that my network settings are "too paranoid" to work with their laptops. F*** 'em if they can't take a joke!
(2)
Comment
(0)
GySgt Carl Rumbolo
GySgt Carl Rumbolo
>1 y
A very professional attitue
(0)
Reply
(0)
GySgt Carl Rumbolo
GySgt Carl Rumbolo
9 y
Now that is an 'professional' response from an IT person. Seriously, too much security is just as bad as 'too little'. Security controls, including network access controls should be configured to meet the requirements of security while not limiting business processes and functions.

Once you start 'locking' things down for the sake of locking them down, you will quickly find yourself playing whack-a-mole with vulnerabilities as end-users try to work around things. Worse - in a business oriented environment you will quickly alienate your internal customers and find yourself irrelevant and outsourced.
(0)
Reply
(0)
Sgt Ken Prescott
Sgt Ken Prescott
9 y
I understand, but my network is there to meet my needs, and NMCI was willing to accept risks that I found to be unacceptable. (About a year later, they wound up incorporating my settings because they had been hacked--said hack had been active at the time I had told NMCI that they were taking unacceptable risks for the security of my network. If I had said OK, my family's information would have been compromised.)
(0)
Reply
(0)
SGT Writer
SGT (Join to see)
>1 y
Sgt Ken Prescott - They didn't like your higher standard until it proved effective and necessary.
(1)
Reply
(0)
Avatar small

Join nearly 2 million former and current members of the US military, just like you.

close