Article:
 |
|
Configuring Jaguar's Firewall
|
| Subject: |
|
Can Brickhouse help protecting a small network? |
| Date: |
|
2003-01-12 11:31:45 |
| From: |
|
anonymous2
|
|
|
|
Hello everyone,
I have been reading you super article on Firewalls. I liked it very much. However, as newbie as I am in the sys admin arena (not in the engineering arena) I have a scenario where I would to install a firewall. Could you please let me know if it's feasible? Here we go:
I have a bunch of computers at the company which are linked together to the Internet via a router. So far, everything works fine because Mac OS 9 cannot be hacked as easily as other systems. In a couple of weeks, we're moving to Mac OS X, and suddenly the game changes.
I would like to create a firewall to stop potential intruders, and I thought that perhaps BrickHouse could help me here. We don't have many consultants that know what OS X in Barcelona, Spain, so I have to look for help elsewhere.
Could you please let me know what can I do to or how should I put BrickHouse to work in such scenario? I've heard that some people in other OS's use a PC with two NICs and a virtual IP table with a list of allowed IP that have granted access to the protected network. Can BrickHouse simplify this situation? Do you have any suggestions?
Thank you very much. Your help is *amazingly* appreciated.
Regards.
|
Showing messages 1 through 1 of 1.
-
Can Brickhouse help protecting a small network?
2003-01-15 07:55:20
cochella
[View]
1. One possibility is to configure the firewall on each computer with Brickhouse or otherwise. However, that is a lot of work to configure and maintain many machines.
2. Brickhouse could be used to configure the firewall of one machine that might be acting as a router (separate software) for the other computers on your network that sit "behind" this router/firewall. This computer should probably be dedicated to this task.
3. Purchase a router/firewall product. A good product line is Netopia (www.netopia.com; Mac and PC friendly). I have experience with the R9100 series (~$400 new; $200 used) which has a built-in firewall, router and 8 port hub. You can dangle another hub off of that to accomodate more coputers. The firmware is upgradeable. The tech support costs some money but it is good. The product is stable and relatively easy to configure via a terminal or through a Web-page interface. In addition, two netopia R9100s can be remotely linked together to form a virtual private network which is kind of handy if you have two offices.
In my opinion, whatever solution you choose, it should act like an appliance--do one or two tasks and that is it. Therefore, option 3, or something like it would be your most reliable and easiest solution.
Best regards,
Chris