Monitoring Network Through Firewall

Imminent

Well-Known Member
Joined
May 12, 2010
Messages
306
We want a firewall application that can do the following

  • Monitor Website Visited
  • Monitor IP Address & Computer Name That Visited Said Address
  • Block Access to Certain Websites
  • Monitor Data Usage Of Each Computer
  • Run On A Windows Server
  • Serve As Gateway For Applications To Connect To

If anyone has any advice I would greatly appreciate it.

P.S. I am aware of Smart Switches/Hubs and Proxy Servers but we would like this service from a firewall.

Regards,
Imminent
 

syntax

Executive Member
Joined
May 16, 2008
Messages
8,656
U want a firewall that runs on a windows server??
TMG is ur only real option then i think....It can actually do all of what u want as well
 

Elvis007

Well-Known Member
Joined
Dec 24, 2009
Messages
156
I only know of TMG as well for Windows, and that only runs on Win 2008 as far as I know. Or you could get ISA 2006 if you are running Server 2003, but it does not have the new web policies that TMG has...

On another note, I was using TMG at home till last night, popped in a Untangle CD, an hour later I have a very nice Linux based firewall running. Very impressed so far. And I have never worked on Linux before in my life... (actually still not, everything is configurable through a web interface)

I just got fed up with re-installing everything after the 120day trial expired, can't afford MS license fees....
 

w1z4rd

Karmic Sangoma
Joined
Jan 17, 2005
Messages
49,747
Runs on windows? Wtf... fail server. Microsoft make terrible gateway servers.

If you decide to go the normal more stable and business wise way... try clearos, it comes with dansguardian and all the stuff you want. You also dont need to be too smart to set it up.

Untangle is okayish, but does not monitor user usage. Both are configurable through a web interface so even windows "techs" can use them.
 

Elvis007

Well-Known Member
Joined
Dec 24, 2009
Messages
156
Runs on windows? Wtf... fail server. Microsoft make terrible gateway servers.

If you decide to go the normal more stable and business wise way... try clearos, it comes with dansguardian and all the stuff you want. You also dont need to be too smart to set it up.

Untangle is okayish, but does not monitor user usage. Both are configurable through a web interface so even windows "techs" can use them.


ISA and TMG are not that bad, it get's the job done doesn't it? I have worked at a few companies with 5000+ users that uses ISA and TMG. Then quite a few uses Cisco, Juniper and Fortigate, but never once came across a company that uses a Linux firewall. Probably because I never worked in a small IT environment, Corporate companies does not even look at free firewalls, they have the money and want the best, so they are willing to pay for a decent firewall, but I think the word "decent" excludes ISA thought :)

So I would recommend TMG as he want's it to run on a Windows Server...
 
Last edited:

syntax

Executive Member
Joined
May 16, 2008
Messages
8,656
ISA and TMG are not that bad, it get's the job done doesn't it? I have worked at a few companies with 5000+ users that uses ISA and TMG. Then quite a few uses Cisco, Juniper and Fortigate, but never once came across a company that uses a Linux firewall. Probably because I never worked in a small IT environment, Corporate companies does not even look at free firewalls, they have the money and want the best, so they are willing to pay for a decent firewall, but I think the word "decent" excludes ISA thought :)

Checkpoint is a chopped down version of red hat, and therefore qualifies as linux :)

ISA is less than average. The logging is absolutely shocking. Havent used TMG, hope i never have to...
 

ponder

Honorary Master
Joined
Jan 22, 2005
Messages
92,825
ISA and TMG are not that bad, it get's the job done doesn't it? I have worked at a few companies with 5000+ users that uses ISA and TMG. Then quite a few uses Cisco, Juniper and Fortigate, but never once came across a company that uses a Linux firewall. Probably because I never worked in a small IT environment, Corporate companies does not even look at free firewalls, they have the money and want the best, so they are willing to pay for a decent firewall, but I think the word "decent" excludes ISA thought :)

I think it's more about the backup & support they are interested in.

Most of these commercial firewalls run a custom version of BSD (or Linux) hidden from the user. NokiaIPSO, JunOS, FortiOS, NetApp, F5 Networks, IronPort are based on FreeBSD (Fortinet was started by a ex Juniper guy), Sonicwall uses Solaris and there are many more out there. Very few companies design operating systems from the ground up.

They all go for BSD due to the BSD/MIT license which allows them to 'take' the code. BSD also has one of the best network stacks out there. OpenBSD is also heavy into security and their side projects like OpenSSH, OpenNTPD etc and security code patches have found their way into the other BSD's and commercial products.

So those 'decent' products are actually BSD (& Linux to a lesser extent) at their core.

I have to agree though that MS is not the type of platform you want to use as security/gateway tool.
 
Last edited:

gregmcc

Honorary Master
Joined
Jun 29, 2006
Messages
25,514
Why does it need to run on a windows server?

Have a look at pfsense. Not a bad open source Linux based firewall. What kind of data usage are you looking to monitor. If you want a proxy then look at ipcop/smooth wall.
 

Imminent

Well-Known Member
Joined
May 12, 2010
Messages
306
Its nice to see all the different viewpoints on this subject, ive been looking into Smoothwall, Untangled but as Elvis said, if the company can afford dedicated hardware why go after a free option?

We are going to get a whole new telephone system installed soon from Samsung.

I believe they will provide us with some dedicated hardware that will monitor calls, log websites visited etc.


But for the time being I was just looking for a sollution that runs on a Windows XP Pro X64 O/S (Serves as the Gateway PC)
 
Top