Firewalls
Recommendations Jun 24 2008 06:40AM
Johann Spies (jspies sun ac za) (2 replies)
Re: Recommendations Jun 25 2008 04:56PM
Daniel Clemens (daniel clemens packetninjas net) (1 replies)


On Jun 24, 2008, at 1:40 AM, Johann Spies wrote:

> We have to either renew the licence on our Checkpoint Firewall-1 NG
> (and upgrade it) or change to another software solution for our
> firewall setup.

I would upgrade. Keep things simple with what you already know.

>
>
> Our approximately 25000 users pay for internet, some of them use a
> pay-as-you-go-system. At the moment the accounting is done by custom
> programs that reads the active connections in the FW-memory. We have
> two problems with the present setup:
>
> 1. FW-1 does not connect the user and the traffic in memory or always
> in the logs. Only the source IP. So it is impossible for us to
> handle accounting for different users using the same IP.
>
> 2. FW-1 does not end active connections immediately after a user has
> logged off.

1) What would be an acceptable connection teardown timeout value?
2) active connections will timeout or tear down within minutes of a
connection.

>
> We are in a process of evaluating different options. One of them is
> NuFw - an open source product.
>
> Any recommendations of other products you know of will be appreciated.
>
> Regards
> Johann
> --
> Johann Spies Telefoon: 021-808 4036
> Informasietegnologie, Universiteit van Stellenbosch
>
> "Children, obey your parents in the Lord: for this is
> right." Ephesians 6:1
>

[ reply ]
Re: Recommendations Jun 26 2008 05:59AM
Rick Zhong (sagiko gmail com)
Re: Recommendations Jun 25 2008 04:55PM
Paolo Supino (paolo supino org) (1 replies)
Re: Recommendations Jun 27 2008 07:32AM
Johann Spies (jspies sun ac za)


 

Privacy Statement
Copyright 2010, SecurityFocus