Posted on Aug 12, 2015
Firewall for Network Security. . . Do you use it? Host or Network?
17K
60
58
4
4
0
Information Technology
Computers
Network Security
Information Assurance
Posted 10 y ago
Responses: 15
0
0
0
My home configuration consists of the following:
Ubiquiti Networks Edgerouter Pro-8 as internet facing router / firewall.
Cisco SG-300-10 LAN switch for my servers and NAS storage devices
Cisco SG-300-10 LAN switch for home LAN
Ubiquiti Networks ToughSwitch Pro-5 POE switch for Wireless LAN
Netgear 8 port switch for management LAN
3 NAS storage
2 WIndows Servers
1 Linux Server
The wireless network consists of 3 Ubiquiti UAP-Pro AP. Internet services is a Time Warner Ultimate and a Windstream DSL configured in a fail-over mode, most traffic goes through the TW link, except in an outage when it is routed through the DSL (6 mps) with QOS set on the Edgerouter to prioritize traffic. I also route the guest wireless access through the DSL and throttle that as necessary.
Not a typical home set up, but i work full time from home and need redundant access. The storage may seem excessive but my other hobby is digital photography, and I shoot in RAW mode, so the data builds up. (and yes I do off-site backups )
Ubiquiti Networks Edgerouter Pro-8 as internet facing router / firewall.
Cisco SG-300-10 LAN switch for my servers and NAS storage devices
Cisco SG-300-10 LAN switch for home LAN
Ubiquiti Networks ToughSwitch Pro-5 POE switch for Wireless LAN
Netgear 8 port switch for management LAN
3 NAS storage
2 WIndows Servers
1 Linux Server
The wireless network consists of 3 Ubiquiti UAP-Pro AP. Internet services is a Time Warner Ultimate and a Windstream DSL configured in a fail-over mode, most traffic goes through the TW link, except in an outage when it is routed through the DSL (6 mps) with QOS set on the Edgerouter to prioritize traffic. I also route the guest wireless access through the DSL and throttle that as necessary.
Not a typical home set up, but i work full time from home and need redundant access. The storage may seem excessive but my other hobby is digital photography, and I shoot in RAW mode, so the data builds up. (and yes I do off-site backups )
(0)
(0)
0
0
0
My company handles sensitive personal information on a daily basis. We have to be locked down, in addition to meeting federal regulatory standards for our industry.
(0)
(0)
0
0
0
SGT (Join to see)
At my last command we had a network based software Firewall, a NIPS, and HIPS clients installed on all hosts.
At my last command we had a network based software Firewall, a NIPS, and HIPS clients installed on all hosts.
(0)
(0)
PO1 John Miller
SGT (Join to see)
The way I look at it, if more military commands or government networks had setups like this, maybe the recent data breaches like what we've seen with OPM wouldn't be as big of an issue.
The way I look at it, if more military commands or government networks had setups like this, maybe the recent data breaches like what we've seen with OPM wouldn't be as big of an issue.
(0)
(0)
SGT (Join to see)
There are more important things to spend money and manpower on. . . .
I don't feel like conjuring lies.
I don't feel like conjuring lies.
(0)
(0)
0
0
0
Sonicwall device - between lan/wan. As well scheduled audits on PC's - any thing iffy it gets reimaged. Home as well.
(0)
(0)
SGT (Join to see)
Cool. I considered running a mirror download location for a few Linux distros I support. Haven't had the time to really get into the details of what I'd have to do to do it right. I also wonder if my blog would be better if I had it on my own storage. Suggestions?
(0)
(0)
SPC David S.
Is the idea behind the mirror for load balancing or fail over? I know the DZ can do fail over however I have never configured it for that. Mainly use the DZ as firewall and porting email sever,web server, and internet traffic. At work I ban certain sites as well as anything gaming or porn related.
(0)
(0)
SGT (Join to see)
SPC David S. - The idea would be fail over. More download mirrors mean a faster download for someone somewhere .
(1)
(0)
SPC David S.
I want to say on sonicwall devices WAN failover and load balancing applies to outbound-initiated traffic only. It cannot be used to perform inbound load balancing functions, such as what a content switching or load balancing appliance provides. There are some software application that can do this for free however I would think there would be some delay in the propagation to DNS servers.
http://download.cnet.com/Simple-Failover/3000-2085_4-10320105.html
http://download.cnet.com/Simple-Failover/3000-2085_4-10320105.html
Simple Failover is a new software based failover solution
(0)
(0)
Suspended Profile
Router and software firewall both...
Read This Next
-
Ask questionGet expert advice and
tips for your questions. -
Post updatePost pictures, personal updates, plans, or anything you like!
Continue with Facebook 
Continue with Google