ICSA Labs Certified Router/Firewall

[DasFox]

I made post listed below and I'm trying to find preferably a ICSA labs certifed router/firewall for a home user.

http://forums.anandtech.com/messageview.aspx?catid=27&threadid=1817764

So far all I can find is the Netgear FR114P and the ZyWALL 2, forget about the D-Link I mentioned I'm not interested in it anymore.

If it really comes down to either the Netgear or ZyWALL, I think at this point in time I'd lean towards the ZyWALL, since I don't need a print server, unless everyone can say I should still go for, but I'd really just like a basic router for security without to many bells and whistles.

Any thought on a killer ICSA labs certified, or something even better for a home setup?

THANKS

 

[DasFox]

OK I've made up my mind, unless someone really has something crappy to say about the Firebox SOHO 6, otherwise I'm BUYING it.

http://www.watchguard.com/products/fireboxsoho6.asp

One thing though, what is the differences between (SPI), Stateful Packet Inspection and what
WatchGuard is calling their support; Stateful Dynamic Packet Filtering:

http://www.watchguard.com/products/dynamic.asp

I saw this info on these as well:

http://www.webopedia.com/TERM/S/stateful_inspection.html

So really Stateful Packet Inspection is just another word for Stateful Dynamic Packet Filtering?

THANKS

 

[Boscoh]

www.fortigate.com

 

[DasFox]

Originally posted by: Boscoh
www.fortigate.com

Yes I know who Fortinet is, giving me a URL isn't telling me something I don't know already. For cost to ease of use I don't know anything that is comparable, that is why I asked.

So what does Fortinet have price and ease wise compared to the Firebox SOHO 6? Personally I don't see anything, except the FortiGate-50A which costs twice the price of the Firebox.

ALOHA

 

[Tazanator]

well give it a few months .. Imagestream is working on a box .. code name envoy so far ... cheap, simple (web interface) designed for T1, and competes against Cisco. I have heard alot of good rumors on it so far ... just waiting for official release.

 

[DasFox]

Now I take it we are talking about Imagestream, as in this URL? ---> http://www.imagestream.com/index_1024.html

Well what about this company, Case Communications ---> http://www.casecomms.com

They have a router called the Envoy with the name Imagestream on the outside of it, LOL, boy am I lost here, LOL.

http://www.casecomms.com/products/routers/industrial/envoy.htm

ALOHA

 

[RebateMonger]

Originally posted by: DasFox
So really Stateful Packet Inspection is just another word for Stateful Dynamic Packet Filtering?

Yup.

 

[InlineFive]

Try Astaro if you have a seperate box laying around. The 6.105 release is now ICSA certified, although I'm not sure why that makes a difference for you in a home setting.

 

[stash]

ISA.

 

[Boscoh]

Originally posted by: DasFox

Originally posted by: Boscoh
www.fortigate.com

Yes I know who Fortinet is, giving me a URL isn't telling me something I don't know already. For cost to ease of use I don't know anything that is comparable, that is why I asked.

So what does Fortinet have price and ease wise compared to the Firebox SOHO 6? Personally I don't see anything, except the FortiGate-50A which costs twice the price of the Firebox.

ALOHA

Gee, excuse me. And where in your postings have you mentioned that you knew who Fortinet is? Right.

If you want to go with Watchgaurd, go ahead. Have fun.

 

[DasFox]

Sorry Boscoh, didn't mean to be rude, I mean I just thought someone that mentions a ICSA Labs certified router/firewall is going to know them, afterall they are mentioned on ICSA Labs listing for certified firewalls.

<a target=_blank class=ftalternatingbarlinklarge href="https://newlabs.icsalabs.com/icsa/product.php?tid=fghhf456fgh">https://newlabs.icsalabs.com/icsa/product.php?tid=fghhf456fgh</a>

I didn't like what I read on Astaro and stash what are you saying about ISA?

THANKS

 

[stash]

stash what are you saying about ISA?

It's an excellent ICSA certified firewall.

 

[InlineFive]

Originally posted by: stash

stash what are you saying about ISA?

It's an excellent ICSA certified firewall.

That's not exactly accompanied by a home user price.

I wonder why this person needs an ICSA certified firewall. He may just not know what he is doing, as pointed out by his Windows Professional x64 problems in OS...

 

[stash]

I didn't see anything about his budget.

He may just not know what he is doing, as pointed out by his Windows Professional x64 problems in OS...

Blasphemy! He's been working on Windows systems for 20 years, didn't you know?!

 

[FreshPrince]

I've tried that netgear one and it works very well....excellent web interface that's really easy to use. and cheap too especially for home user.

 

[InlineFive]

Originally posted by: stash
I didn't see anything about his budget.

He may just not know what he is doing, as pointed out by his Windows Professional x64 problems in OS...

Blasphemy! He's been working on Windows systems for 20 years, didn't you know?!

Why no, I didn't know!

Originally posted by: DasFox
OK I've made up my mind, unless someone really has something crappy to say about the Firebox SOHO 6, otherwise I'm BUYING it.

http://www.watchguard.com/products/fireboxsoho6.asp

One thing though, what is the differences between (SPI), Stateful Packet Inspection and what
WatchGuard is calling their support; Stateful Dynamic Packet Filtering:

http://www.watchguard.com/products/dynamic.asp

I saw this info on these as well:

http://www.webopedia.com/TERM/S/stateful_inspection.html

So really Stateful Packet Inspection is just another word for Stateful Dynamic Packet Filtering?

THANKS

In all seriousness, look at an Astaro setup if you have a spare box. Home users get a free license to use the latest production version and receive updates for three years. Plus you get a very slick interface, a bunch of cool features out-of-the-box (beefy VPN support, IPS, etc) and it's ICSA certified.

My Astaro box can do way more than our $400 Sonicwall TZ-170 at work (and is heavily subscription based). And I believe that our Sonicwall TZ-170 and your SOHO6 are on the same tier.

Plus, the Astaro box can perform QoS (same as GameFuel?) if you play games which running heavy P2P in the background.

If you don't want to go a bigger route just get a Linksys WRT54G. It's a decent little box (unless you play WoW. Mine used to crash when the connections exceeded 500 and that is part of the reason I have an Astaro box) and is pretty expandable with 3rd party firmware. It can perform QoS too, come to think of it.

 

[bluestrobe]

Originally posted by: InlineFive
If you don't want to go a bigger route just get a Linksys WRT54G.

For high end home users I would sway away from the WRT54G. It can't handle high bandwidth usage or numerous connections.

OP, what was wrong with the D-Link ones? I thought about going that route.

 

[DasFox]

I don't have any spare boxes for setting up so that is why I want a hardware router/firewall, not a PC as my firewall. Well after digging around and calling the companies and checking their sites out, I found out the Netgear FR114P, is discontinued as well as Watchguard's SOHO 6, so scratch these two.

At present I have my mind on the Netgear FVS114:

http://www.netgear.com/products/details/FVS114.php

This is not a ICSA Labs certified firewall, but looking over the specs, it seems pretty decent. So at this point in the game trying to find a Home user router/firewall ICSA labs certified looks pretty tough without spending a lot.

I run Linux, I don't want wireless, I don't want to mess with all of that in Linux just yet, so I want a wired cat5 firewall.

THANKS

 

[stash]

I still haven't heard a reason why you are so hung up on a ICSA certified firewall. This is for a home application, yes?

 

[bluestrobe]

http://www.dlink.com/products/?sec=2&pid=327 Whats wrong with that one? Every netgear product I have owned of knew of in person has failed or performed below expectations.

 

[FreshPrince]

this is also an excellent and exciting new product....I heard some great thing about it...haven't tried it out myself though...

but the tech specs made it look like a champ

 

[DasFox]

Originally posted by: stash
I still haven't heard a reason why you are so hung up on a ICSA certified firewall. This is for a home application, yes?

I'm not saying I'm so hung over it, I just know when their name is on a product it's good. And this is for a home setup, yes, to protect a few boxes.

Actually I haven't really been looking at the D-Links till today. bluestrobe I've never used Netgear before, so not sure how they really hold up, but it sounds like they haven't been doing to good for you.

Looks cool FreshPrince, but a firewall is all I need, I have all those other goodies covered, oh my bad, I see it has some type of firewall protection, hmm might be a worth while little box to try.

bluestrobe, by the way are you using that D-Link firewall, or any of them?

For Home use I think the D-Link DFL-200 would a bit more practical, but I really need a router/firewall, I don't notice that any of the wired D-Links are (SPI) either, just NAT it looks like.

THANKS

 

[spidey07]

believe it or not ICSA is considered to be the same as the "consumer reports good buy award"

In otherwords, it is worthless.

 

[DasFox]

Originally posted by: spidey07
believe it or not the ICSA is considered to be the same as the "consumer reports good buy award"

In otherwords, it is worthless.

And what basis do you make this claim on? I'd really love to have you write to them and let them know this and see what they have to say.

ICSA goes a tad bit beyond a good buy award, considering their Enterprise level of testing, not to mention other levels, Home, Small Business, Coporate, etc...

Something that has a Enterprise level of certification on it, I find to be way beyond the scope of a good buy award.

You should also let Cisco know they are wasting their time as well, getting their products certified. ICSA labs happens to have certification on most major companies through out the world, I guess they all most be lost, LOL, get real dude, I don't mean to be rude but your statement was like way off, by a long shot, and 100% inaccurate, but thanks anyways for your input.

All of these companies don't seek the certification because it's BS.

<a target=_blank class=ftalternatingbarlinklarge href="https://newlabs.icsalabs.com/icsa/product.php?tid=fghhf456fgh"><a target=_blank class=ftalternatingbarlinklarge href="https://newlabs.icsalabs.com/icsa/product.php?tid=fghhf456fgh">https://newlabs.icsalabs.com/icsa/product.php?tid=fghhf456fgh</a></a>

D-Link's DFL-200 and DFL-700, only have a 1 yr. warranty.. Thanks but no thanks, Spending $200-$400 on hardware with one year, forget it.

ALOHA

 

[spidey07]

fine,

They are still considered by "the industry" as a "consumer reports" type of award and are never considered.

but good luck with that googling.