Hardware firewall advise - D-Link DIR-330 and Linksys

Hi all, I want to buy a hardware firewall with very good security. I'm a
single user with 1 pc, 1 wireless laptop, and possibly doing testing with a
Web, Ftp server, but that's the lowest of my priorities (if I ever get the
time to play with that).

I'm currently undecided between D-Link and Linksys. Linksys' Website is
quite confusing.

I have picked the D-Link DIR-330
, which has SPI, WiFi, and VPN
($170).

Does any one recommend something similar from Linksys? Or is my D-Link
selection OK? Or any other brands or suggestions?

Also I saw on the D-Link site they are selling the VPN software for $50? Can
I use any other software (possible free)? I have not used VPN before, but I
do understand I'll need it to connect remotely (which I don't do regularly).

Thanks for your advise!

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

"Nando" wrote in message
news:rVFxi.440597$p47.102711@bgtnsc04-news.ops.worldnet.att. net...
> Hi all, I want to buy a hardware firewall with very good security. I'm a
> single user with 1 pc, 1 wireless laptop, and possibly doing testing with
> a Web, Ftp server, but that's the lowest of my priorities (if I ever get
> the time to play with that).
>
> I'm currently undecided between D-Link and Linksys. Linksys' Website is
> quite confusing.
>
> I have picked the D-Link DIR-330
> , which has SPI, WiFi, and
> VPN ($170).
>
> Does any one recommend something similar from Linksys? Or is my D-Link
> selection OK? Or any other brands or suggestions?
>
> Also I saw on the D-Link site they are selling the VPN software for $50?
> Can I use any other software (possible free)? I have not used VPN before,
> but I do understand I'll need it to connect remotely (which I don't do
> regularly).

What's your plans for VPN is this to connect from home to work, because may
be you don't need a VPN solution router, and you only need a router that
provides VPN protocols, which most routers come with VPN?

Whatever you do, make sure you get something that is using Wallwatcher.

http://sonic.net/wallwatcher/

For wireless, you might want to look at the Wrt54G which may be a better
overall solution, particularly if you change the firmware over to one of the
3rd party firmware's.

Make sure you try to implement some kind of security measures for the home
network for what it's worth.

http://compnetworking.about.com/od/wirelesssecurity/tp/wifis ecurity.htm

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

"Mr. Arnold" wrote:
>
> "Nando" wrote in message
> news:rVFxi.440597$p47.102711@bgtnsc04-news.ops.worldnet.att. net...
>> Hi all, I want to buy a hardware firewall with very good security. I'm a
>> single user with 1 pc, 1 wireless laptop, and possibly doing testing with
>> a Web, Ftp server, but that's the lowest of my priorities (if I ever get
>> the time to play with that).
>>
>> I'm currently undecided between D-Link and Linksys. Linksys' Website is
>> quite confusing.
>>
>> I have picked the D-Link DIR-330
>> , which has SPI, WiFi, and
>> VPN ($170).
>>
>> Does any one recommend something similar from Linksys? Or is my D-Link
>> selection OK? Or any other brands or suggestions?
>>
>> Also I saw on the D-Link site they are selling the VPN software for $50?
>> Can I use any other software (possible free)? I have not used VPN before,
>> but I do understand I'll need it to connect remotely (which I don't do
>> regularly).
>
> What's your plans for VPN is this to connect from home to work, because
> may be you don't need a VPN solution router, and you only need a router
> that provides VPN protocols, which most routers come with VPN?

Thanks Mr. Arnold, I'm lost with the VPN protocol/solution. The firewall I
need is to connect from my laptop to my pc at home (both using Windows XP)
to transfer some files occasionally (would that be like a remote-control
desktop view or ftp-like connection?) Below is what the DIR-330 specs says:

.. VPN Tunnels: 8 (IPSec, PPTP, L2TP)
.. IPSec LAN-to-LAN / Roaming User
.. PPTP/L2TP Server/Client
.. IPSec/PPTP/L2TP Pass-through
.. IPSec NAT-Traversal
.. DHCP over IPSec
.. Encryption Transform: DES, 3DES, AES
.. XAUTH (Extended Authentication) for IPSec Authentication


> Whatever you do, make sure you get something that is using Wallwatcher.
>
> http://sonic.net/wallwatcher/

Interesting, so this program can alert me and monitor the firewall logs
without logging and using the router's interface? I checked and the D-Link
is not supported. Hopefully I can train it.

> For wireless, you might want to look at the Wrt54G which may be a better
> overall solution, particularly if you change the firmware over to one of
> the 3rd party firmware's.

Interesting, I did not know that was possible (to change to a non-Linksys
firmware). Please tell more about this. Does that mean that Linksys firmware
is not too secure). I actually installed and configured the Linksys WRT54G
router for my sister's apartment. It works great and it costs less than half
the price of the D-Link DIR-330. But seems I'm kinda of techie I figured I
needed something more secured for myself, that's why I picked the firewall
D-Link DIR-330, but it sounds like I'm missing something on my criteria. I
need a hardware firewall with good security, and remote connectivity.

> Make sure you try to implement some kind of security measures for the home
> network for what it's worth.
>
> http://compnetworking.about.com/od/wirelesssecurity/tp/wifis ecurity.htm

Great, I visited the link and read all the info. I'm glad to say that I have
taken all those steps (not for me, but when setting up a router at my
sister's home).

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

"Nando" wrote in message
news:toHxi.440815$p47.146836@bgtnsc04-news.ops.worldnet.att. net...
> "Mr. Arnold" wrote:
>>
>> "Nando" wrote in message
>> news:rVFxi.440597$p47.102711@bgtnsc04-news.ops.worldnet.att. net...
>>> Hi all, I want to buy a hardware firewall with very good security. I'm a
>>> single user with 1 pc, 1 wireless laptop, and possibly doing testing
>>> with a Web, Ftp server, but that's the lowest of my priorities (if I
>>> ever get the time to play with that).
>>>
>>> I'm currently undecided between D-Link and Linksys. Linksys' Website is
>>> quite confusing.
>>>
>>> I have picked the D-Link DIR-330
>>> , which has SPI, WiFi, and
>>> VPN ($170).
>>>
>>> Does any one recommend something similar from Linksys? Or is my D-Link
>>> selection OK? Or any other brands or suggestions?
>>>
>>> Also I saw on the D-Link site they are selling the VPN software for $50?
>>> Can I use any other software (possible free)? I have not used VPN
>>> before, but I do understand I'll need it to connect remotely (which I
>>> don't do regularly).
>>
>> What's your plans for VPN is this to connect from home to work, because
>> may be you don't need a VPN solution router, and you only need a router
>> that provides VPN protocols, which most routers come with VPN?
>
> Thanks Mr. Arnold, I'm lost with the VPN protocol/solution. The firewall I
> need is to connect from my laptop to my pc at home (both using Windows XP)
> to transfer some files occasionally (would that be like a remote-control
> desktop view or ftp-like connection?) Below is what the DIR-330 specs
> says:

The link provides an example of what a VPN solution would be used for, which
would be a secure connection between your computer at home to a company's
network to protect company sensitive data being transmitted between your
company supplied computer with company software on it, which in this case,
that computer would be connected to your router at home. The router would
provide the VPN connection. Most routers provide the VPN in the router's
firmware to make a VPN connection in the manner you see in the example.

http://www.homenethelp.com/vpn/

This router you're looking at is not a typical router for home usage. It's a
VPN router that would be used in a company's work environment with VPN
clients connecting to it to get on the company's LAN. I can't tell you yes
or no not to use a VPN router, because it's your situation and you do what
you want.

But do you really need a VPN router or do you need a FW router, if all
you're doing is transferring some files with a computer on your network to
a laptop you may have with you somewhere?



>
>> Whatever you do, make sure you get something that is using Wallwatcher.
>>
>> http://sonic.net/wallwatcher/
>
> Interesting, so this program can alert me and monitor the firewall logs
> without logging and using the router's interface? I checked and the D-Link
> is not supported. Hopefully I can train it.

No you can't train it. The author of WW would have to configure WW to
capture the syslog from the router. That's if the router is not listed, and
the router produces a syslog to begin with, which you can contact the WW
author about incorporating the router's syslog into the WW solution.

>
>> For wireless, you might want to look at the Wrt54G which may be a better
>> overall solution, particularly if you change the firmware over to one of
>> the 3rd party firmware's.
>
> Interesting, I did not know that was possible (to change to a non-Linksys
> firmware). Please tell more about this. Does that mean that Linksys
> firmware is not too secure).

No it doesn't mean that the Linksys firmware is not secure. It just means
that the Linksys firmware cannot produce the syslog that can be used with
WW.

http://www.google.com/search?hl=en&q=Sveasoft+or+HyperWRT+Fi rmware&btnG=Google+Search


> I actually installed and configured the Linksys WRT54G router for my
> sister's apartment. It works great and it costs less than half the price
> of the D-Link DIR-330. But seems I'm kinda of techie I figured I needed
> something more secured for myself, that's why I picked the firewall D-Link
> DIR-330, but it sounds like I'm missing something on my criteria. I need a
> hardware firewall with good security, and remote connectivity.

Is it a FW router? Just because the manufature is calling something a FW, it
doean't mean that it's a FW solution.

Question? *What does a FW do?*

http://www.vicomsoft.com/knowledge/reference/firewalls1.html

I think the Linksys WRT54G with its firmware and the 3rd party firmwares may
come closer to that definition than the D-link wireless VPN router solution
of being a FW solution. You'll have to check it out for yourself.

If you're looking for a FW solution, then maybe link will further help you.

http://www.more.net/technical/netserv/tcpip/firewalls/

And if you need remote connectivity, make sure you understand what's in the
link, and keep the computer out of the so called DMZ, when using FTP to
transfer files.

http://www.homenethelp.com/web/explain/port-forwarding-dmz.a sp

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

In article ,
nospam@no.spam says...
> Hi all, I want to buy a hardware firewall with very good security. I'm a
> single user with 1 pc, 1 wireless laptop, and possibly doing testing with a
> Web, Ftp server, but that's the lowest of my priorities (if I ever get the
> time to play with that).
>
> I'm currently undecided between D-Link and Linksys. Linksys' Website is
> quite confusing.
>
> I have picked the D-Link DIR-330
> , which has SPI, WiFi, and VPN
> ($170).
>
> Does any one recommend something similar from Linksys? Or is my D-Link
> selection OK? Or any other brands or suggestions?
>
> Also I saw on the D-Link site they are selling the VPN software for $50? Can
> I use any other software (possible free)? I have not used VPN before, but I
> do understand I'll need it to connect remotely (which I don't do regularly).
>
> Thanks for your advise!

http://support.dlink.com/products/view.asp?productidßL%2D2 10

While not wireless, you should really just buy an Access Point and set
it up as needed, so you can upgrade as things change later.

The D210 has LAN and DMZ jacks so that you can REAL separate networks
when you're ready to play.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

"Mr. Arnold" wrote:
>
> "Nando" wrote in message
> news:toHxi.440815$p47.146836@bgtnsc04-news.ops.worldnet.att. net...
>> "Mr. Arnold" wrote:
>>>
>>> "Nando" wrote in message
>>> news:rVFxi.440597$p47.102711@bgtnsc04-news.ops.worldnet.att. net...
>>>> Hi all, I want to buy a hardware firewall with very good security. I'm
>>>> a single user with 1 pc, 1 wireless laptop, and possibly doing testing
>>>> with a Web, Ftp server, but that's the lowest of my priorities (if I
>>>> ever get the time to play with that).
>>>>
>>>> I'm currently undecided between D-Link and Linksys. Linksys' Website is
>>>> quite confusing.
>>>>
>>>> I have picked the D-Link DIR-330
>>>> , which has SPI, WiFi,
>>>> and VPN ($170).
>>>>
>>>> Does any one recommend something similar from Linksys? Or is my D-Link
>>>> selection OK? Or any other brands or suggestions?
>>>>
>>>> Also I saw on the D-Link site they are selling the VPN software for
>>>> $50? Can I use any other software (possible free)? I have not used VPN
>>>> before, but I do understand I'll need it to connect remotely (which I
>>>> don't do regularly).
>>>
>>> What's your plans for VPN is this to connect from home to work, because
>>> may be you don't need a VPN solution router, and you only need a router
>>> that provides VPN protocols, which most routers come with VPN?
>>
>> Thanks Mr. Arnold, I'm lost with the VPN protocol/solution. The firewall
>> I need is to connect from my laptop to my pc at home (both using Windows
>> XP) to transfer some files occasionally (would that be like a
>> remote-control desktop view or ftp-like connection?) Below is what the
>> DIR-330 specs says:
>
> The link provides an example of what a VPN solution would be used for,
> which would be a secure connection between your computer at home to a
> company's network to protect company sensitive data being transmitted
> between your company supplied computer with company software on it, which
> in this case, that computer would be connected to your router at home. The
> router would provide the VPN connection. Most routers provide the VPN in
> the router's firmware to make a VPN connection in the manner you see in
> the example.
>
> http://www.homenethelp.com/vpn/
>
> This router you're looking at is not a typical router for home usage. It's
> a VPN router that would be used in a company's work environment with VPN
> clients connecting to it to get on the company's LAN. I can't tell you
> yes or no not to use a VPN router, because it's your situation and you do
> what you want.

I read the hyperlink's vpn info. I think I got the idea. So a hardware
firewall can either be a VPN Server to allow remote access to the network or
it can allow VPN traffic to a machine that acts as a VPN server. However I'm
just missing the actual implementation of this. So do I only need a VPN
client software if the router is a VPN solution (server)? Or what about if
the router only allow VPN connections (which seems to be the norm), does
that implies that I'll need a VPN client software and a VPN server (software
or hardware) behind the firewall right?

> But do you really need a VPN router or do you need a FW router, if all
> you're doing is transferring some files with a computer on your network
> to a laptop you may have with you somewhere?

I wish I can really know what I need, because I understand the vpn concept,
but I do not have details of the implementation. I may be missing something
but if a VPN router solution will only require to setup a client software
for my laptop to connect, then that's it right there. As I said before, I'll
occasionally connect with my laptop to my home pc (both using Windows XP). I
do not have a clue of how this "connection" will be. I don't know if I'll
just have to go to MyComputer and transfer the file Explorer-like or
Desktop-screenshot-like. I just need to transfer/updating some personal
files.

>>> Whatever you do, make sure you get something that is using Wallwatcher.
>>>
>>> http://sonic.net/wallwatcher/
>>
>> Interesting, so this program can alert me and monitor the firewall logs
>> without logging and using the router's interface? I checked and the
>> D-Link is not supported. Hopefully I can train it.
>
> No you can't train it. The author of WW would have to configure WW to
> capture the syslog from the router. That's if the router is not listed,
> and the router produces a syslog to begin with, which you can contact the
> WW author about incorporating the router's syslog into the WW solution.

I have been playing with a hp printer and a couple of home routers
(usrobotics, linksys), and I have noticed there is always an option to
specify a syslog server. If these devices have this option, why a program
like Wallwatcher need to be configured to capture the logs (just curious).
Is it just the data format right?

>>> For wireless, you might want to look at the Wrt54G which may be a better
>>> overall solution, particularly if you change the firmware over to one of
>>> the 3rd party firmware's.
>>
>> Interesting, I did not know that was possible (to change to a non-Linksys
>> firmware). Please tell more about this. Does that mean that Linksys
>> firmware is not too secure).
>
> No it doesn't mean that the Linksys firmware is not secure. It just means
> that the Linksys firmware cannot produce the syslog that can be used with
> WW.
>
> http://www.google.com/search?hl=en&q=Sveasoft+or+HyperWRT+Fi rmware&btnG=Google+Search

I firmware which source code is available, hmm..interesting... hopefully
that will contribute to make the router more and not less secure.

>> I actually installed and configured the Linksys WRT54G router for my
>> sister's apartment. It works great and it costs less than half the price
>> of the D-Link DIR-330. But seems I'm kinda of techie I figured I needed
>> something more secured for myself, that's why I picked the firewall
>> D-Link DIR-330, but it sounds like I'm missing something on my criteria.
>> I need a hardware firewall with good security, and remote connectivity.
>
> Is it a FW router? Just because the manufature is calling something a FW,
> it doean't mean that it's a FW solution.
>
> Question? *What does a FW do?*
>
> http://www.vicomsoft.com/knowledge/reference/firewalls1.html
>
> I think the Linksys WRT54G with its firmware and the 3rd party firmwares
> may come closer to that definition than the D-link wireless VPN router
> solution of being a FW solution. You'll have to check it out for yourself.
>
> If you're looking for a FW solution, then maybe link will further help
> you.
>
> http://www.more.net/technical/netserv/tcpip/firewalls/
>
> And if you need remote connectivity, make sure you understand what's in
> the link, and keep the computer out of the so called DMZ, when using FTP
> to transfer files.
>
> http://www.homenethelp.com/web/explain/port-forwarding-dmz.a sp

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

"Leythos" wrote:
> In article ,
> nospam@no.spam says...
>> Hi all, I want to buy a hardware firewall with very good security. I'm a
>> single user with 1 pc, 1 wireless laptop, and possibly doing testing with
>> a
>> Web, Ftp server, but that's the lowest of my priorities (if I ever get
>> the
>> time to play with that).
>>
>> I'm currently undecided between D-Link and Linksys. Linksys' Website is
>> quite confusing.
>>
>> I have picked the D-Link DIR-330
>> , which has SPI, WiFi, and
>> VPN
>> ($170).
>>
>> Does any one recommend something similar from Linksys? Or is my D-Link
>> selection OK? Or any other brands or suggestions?
>>
>> Also I saw on the D-Link site they are selling the VPN software for $50?
>> Can
>> I use any other software (possible free)? I have not used VPN before, but
>> I
>> do understand I'll need it to connect remotely (which I don't do
>> regularly).
>>
>> Thanks for your advise!
>
> http://support.dlink.com/products/view.asp?productidßL%2D2 10
>
> While not wireless, you should really just buy an Access Point and set
> it up as needed, so you can upgrade as things change later.

Thanks Leythos, I guess then I won't have to buy those expensive Access
Points that have management capabilities, and multi SSIDs, etc, right?
Because it will be just acting as an antenna or another port or network for
the router that'll be able to administer through the options on the firewall
correct?

> The D210 has LAN and DMZ jacks so that you can REAL separate networks
> when you're ready to play.

Great! DFL-210 looks good. Thanks a lot!

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

>
> I read the hyperlink's vpn info. I think I got the idea. So a hardware
> firewall can either be a VPN Server to allow remote access to the network
> or it can allow VPN traffic to a machine that acts as a VPN server.
> However I'm just missing the actual implementation of this. So do I only
> need a VPN client software if the router is a VPN solution (server)? Or
> what about if the router only allow VPN connections (which seems to be the
> norm), does that implies that I'll need a VPN client software and a VPN
> server (software or hardware) behind the firewall right?

There are three types of VPN solutions and they are the following:

1) Software to software VPN solutions like AT&T's Extra Net client software
running on a computer connecting to AT&T's Extra Net server software running
on a server. Or Windows IPsec software running on a client computer
connecting to Windows IPsec server software running on a server.

2) Hardware to hardware solitions like router to router or router to a FW
appliance.

3) Software to hardware a client machine using VPN client software that's
decicated to a VPN server software that's running on a router or FW
appliance.

>
>> But do you really need a VPN router or do you need a FW router, if all
>> you're doing is transferring some files with a computer on your network
>> to a laptop you may have with you somewhere?
>
> I wish I can really know what I need, because I understand the vpn
> concept, but I do not have details of the implementation. I may be missing
> something but if a VPN router solution will only require to setup a client
> software for my laptop to connect, then that's it right there.

Let's say you have a company laptop and it's connected to the company's
network while you're at work. With that laptop connected to the company's
network, the machine can see all the other machines on the network (other
user machines and servers), and the laptop can access all of them on the
LAN (Local Area Network).

Let's say you have some company accounting software running on your company
laptop and that laptop with the accounting software is accessing the
company's Finance server that has finance data on the server. Data is being
exchanged between your company laptop and the Finance server. That situation
is ok, because the commutations between the two machines are in a protected
environment behind the company's FW.

Let's say the company allows you to take that laptop home with you where you
can do work from home with the laptop connecting to the company's LAN over
the Internet. In all cases that I have seen, that laptop is connected over
the Internet in such a manner that the laptop is right there on the
company's LAN, but it's not physically on the company's LAN.

So, you start using the accounting software on the laptop and it's in
communications with the Finance server on the company's LAN data is being
exchanged between the two computers, but the laptop is not physically on the
protected company LAN behind the FW. The laptop is out there on the public
Internet with that data being exchanged between the computers over the
Internet.

This is where a VPN connection comes into play, which there must be two
valid VPN endpoints. VPN is a protocol that encrypts the traffic between the
two VPN endpoints and the traffic is decrypted at each end, so that the data
cannot be eavesdropped on. The VPN protocol rides on the TCP (Transmission
Control Protocol) and IP (Internet Protocol).

Do you have that kind of situation where the data between two machines must
be protected over the Internet? If you have that situation, then you need
VPN. IMHO, for some simple file transfers where you can use a standalone FTP
server software to do it, I don't think you need VPN for this.


> As I said before, I'll occasionally connect with my laptop to my home pc
> (both using Windows XP). I do not have a clue of how this "connection"
> will be. I don't know if I'll just have to go to MyComputer and transfer
> the file Explorer-like or Desktop-screenshot-like. I just need to
> transfer/updating some personal files.

You use a FTP server on the host machine or some Remote Desktop applications
like PC Anywhere will allow you to transfer files between the client or the
host machine using FTP.

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

In article ,
nospam@no.spam says...
> "Leythos" wrote:
> > In article ,
> > nospam@no.spam says...
> >> Hi all, I want to buy a hardware firewall with very good security. I'm a
> >> single user with 1 pc, 1 wireless laptop, and possibly doing testing with
> >> a
> >> Web, Ftp server, but that's the lowest of my priorities (if I ever get
> >> the
> >> time to play with that).
> >>
> >> I'm currently undecided between D-Link and Linksys. Linksys' Website is
> >> quite confusing.
> >>
> >> I have picked the D-Link DIR-330
> >> , which has SPI, WiFi, and
> >> VPN
> >> ($170).
> >>
> >> Does any one recommend something similar from Linksys? Or is my D-Link
> >> selection OK? Or any other brands or suggestions?
> >>
> >> Also I saw on the D-Link site they are selling the VPN software for $50?
> >> Can
> >> I use any other software (possible free)? I have not used VPN before, but
> >> I
> >> do understand I'll need it to connect remotely (which I don't do
> >> regularly).
> >>
> >> Thanks for your advise!
> >
> > http://support.dlink.com/products/view.asp?productidßL%2D2 10
> >
> > While not wireless, you should really just buy an Access Point and set
> > it up as needed, so you can upgrade as things change later.
>
> Thanks Leythos, I guess then I won't have to buy those expensive Access
> Points that have management capabilities, and multi SSIDs, etc, right?
> Because it will be just acting as an antenna or another port or network for
> the router that'll be able to administer through the options on the firewall
> correct?

Not sure I follow you here. I always use a cheap AP with WPA-PSK or
WPA2, and often put them in the DMZ (depends on need) and then setup a
rule in the firewall to allow Authenticated users access through the DMZ
to the LAN.

>
> > The D210 has LAN and DMZ jacks so that you can REAL separate networks
> > when you're ready to play.
>
> Great! DFL-210 looks good. Thanks a lot!

That's the minimum I would go for a true DMZ.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

>
> I have been playing with a hp printer and a couple of home routers
> (usrobotics, linksys), and I have noticed there is always an option to
> specify a syslog server. If these devices have this option, why a program
> like Wallwatcher need to be configured to capture the logs (just curious).
> Is it just the data format right?

I forgot about this.

Yes, those solutions have the ability to produce a syslog and may have some
limited means of looking at the syslog data, along with the syslog data
itself being limited to how much data the router will hold for a given time
period.

With something like Wallwatcher or Kiwi Syslog Daemon, those solutions
provide much more information, by holding on to the data in a repository on
the computer so that analysis tools that those solutions provide can be
done.

You as someone seeing that data in real time as the router produces the
syslog, which WW or KSD can allow you to look that data in real time too,
you cannot do a proper analysis with what's happening with the traffic data
the router is producing in real time, which the router only holds onto and
shows this data in a limited time frame with the data being lost by the
router after that.

Sometimes, one may need to go backwards in time doing an analysis of what's
happening with a particular WAN/IP or even a LAN/IP and its traffic in a
given time period. WW and KSD captures the syslog data on the computer they
are running on so that history can be done to see just what is happing with
traffic.

The router can only allow you to look at what is happening in a very short
time frame, and then the data is lost. The router cannot hold on to the data
for history analysis to get a clear picture of what is happening.

Re: Hardware firewall advise - D-Link DIR-330 and Linksys

Hello,

Consider 'ZyXEL Internet security appliances'
(http://www.zyxel.com/web/product_category.php?PC1indexflag= 20040908175941)

They are ICSA certified firewalls with VPN support.

I suggest going to ZyWALL 2 plus or ZyWALL P1, they fit into your setup
and budget.


Good luck!

Panda,


--
panda

Some people dream of success,
while others wake up and start working on it!
------------------------------------------------------------ ------------
panda's Profile: http://forums.networkingland.com/member.php?u=2
View this thread: http://forums.networkingland.com/showthread.php?t=21649


--
Posted via a free Usenet account from http://www.teranews.com