What types of firewalls are zone alarm and tiny

[watts3000]

Are these stateful inspection firewalls. I run a exchange server web server and ftp server. I have a linksys router that runs nat. I want to be able to allow inbound access on these ports and only these ports. Baiscally blocking all 60,530 ports. I'm new to security. Or should I go with the hardware route and if so what hardware firewalls do you suggest.

 

[n0cmonkey]

Thats an expensive setup so there is no need to skimp on security. You an get a firewall appliance, some are expensive, some arent. If this is for a large company (like the use of exchange suggests) look at an enterprise level firewall. Checkpoint, PIX, Symantec enterprise firewall (or whatever, formerly Raptor), and sidewinder are all good choices if you know what you are doing. Hiring a company to manage your security may be a better solution, but it is expensive (less expensive than a 2/7 staff though 🙂).

If this is a smaller business (WTF do you need exchange for?! 😛), go with a SOHO product like sonicwall or one of those. velociraptor may be a good choice, but I havent had the oppurtunity to look into it much.

For a home/SOHO setup I would personally go with OpenBSD and IPF/PF. Its a simple solution, provides great security, and will run on a variety of old hardware. Good simple remote administration is also a plus.

As far as TPF and Zone alarm go, I would stick with Tiny. It seems to have a better interface for keeping things locked down. Dont get me wrong, I like ZA, but TPF made me think I had more control over what crossed my wires. Blocking 6553? ports isnt fun and shouldnt be left up to chance.

Also talk to your isp about blocking traffic on their end. If they block as much traffic through access control lists on their router your firewall wont be as busy and you wont have to pay for as much bogus traffic. Good luck. 🙂