Firewalls
Recommendations Jun 24 2008 06:40AM
Johann Spies (jspies sun ac za) (2 replies)
Re: Recommendations Jun 25 2008 04:56PM
Daniel Clemens (daniel clemens packetninjas net) (1 replies)
Re: Recommendations Jun 26 2008 05:59AM
Rick Zhong (sagiko gmail com)
HI,
From the problem you described, I find the customized accounting
program is the main issue. You may want to upgrade/re-develop the
program to make it charge by userid+source ip. If this will satisfy
your requirement, then it is not necessary to change the firewall.
Anyway if you change the firewall, I guess you still need to make
changes to the accounting program.

regards,
Rick

--
Information (In)Security @ Where It Matters - http://blog.rickzhong.com

On Thu, Jun 26, 2008 at 12:56 AM, Daniel Clemens
<daniel.clemens (at) packetninjas (dot) net [email concealed]> wrote:
>
>
>
> On Jun 24, 2008, at 1:40 AM, Johann Spies wrote:
>
>> We have to either renew the licence on our Checkpoint Firewall-1 NG
>> (and upgrade it) or change to another software solution for our
>> firewall setup.
>
> I would upgrade. Keep things simple with what you already know.
>
>>
>>
>> Our approximately 25000 users pay for internet, some of them use a
>> pay-as-you-go-system. At the moment the accounting is done by custom
>> programs that reads the active connections in the FW-memory. We have
>> two problems with the present setup:
>>
>> 1. FW-1 does not connect the user and the traffic in memory or always
>> in the logs. Only the source IP. So it is impossible for us to
>> handle accounting for different users using the same IP.
>>
>> 2. FW-1 does not end active connections immediately after a user has
>> logged off.
>
>
> 1) What would be an acceptable connection teardown timeout value?
> 2) active connections will timeout or tear down within minutes of a
> connection.
>
>>
>> We are in a process of evaluating different options. One of them is
>> NuFw - an open source product.
>>
>> Any recommendations of other products you know of will be appreciated.
>>
>> Regards
>> Johann
>> --
>> Johann Spies Telefoon: 021-808 4036
>> Informasietegnologie, Universiteit van Stellenbosch
>>
>> "Children, obey your parents in the Lord: for this is
>> right." Ephesians 6:1
>>
>
>

[ reply ]
Re: Recommendations Jun 25 2008 04:55PM
Paolo Supino (paolo supino org) (1 replies)
Re: Recommendations Jun 27 2008 07:32AM
Johann Spies (jspies sun ac za)


 

Privacy Statement
Copyright 2010, SecurityFocus