QUOTE
Windows Firewalls Lacking
For something as simple as a firewall for Windows servers, a good solution just doesn't exist.
By Mark Burnett Mar 15 2005 08:51AM PT
I have a problem: I can't seem to find a good host based firewall for my Windows servers. In fact, people constantly ask me what I recommend and I find myself with no good answer.
Even though most of my servers are already behind firewalls, I like having additional protection on the server itself. Sometimes I use remotely co-located servers where I have no firewall, and that makes me completely dependent upon software on the server itself.
It seems like the solution would be simple enough. I have been patiently waiting for someone to come along with a capable, full-featured Windows firewall so I can stop explaining to everyone why the right way to go is probably Linux with iptables. But my wait has mostly been in vain. Every time I think I have found the ultimate Windows firewall solution, I end up being disappointed in one way or another. Let's consider our current offerings.
Sure, there's TCP/IP filtering. It's actually quite fast. But it is also so limited that it's only good for the most basic filtering of incoming traffic. If you use TCP/IP filter, you will definitely need additional layers of protection.
More to read:
Security Focus Home
For something as simple as a firewall for Windows servers, a good solution just doesn't exist.
By Mark Burnett Mar 15 2005 08:51AM PT
I have a problem: I can't seem to find a good host based firewall for my Windows servers. In fact, people constantly ask me what I recommend and I find myself with no good answer.
Even though most of my servers are already behind firewalls, I like having additional protection on the server itself. Sometimes I use remotely co-located servers where I have no firewall, and that makes me completely dependent upon software on the server itself.
It seems like the solution would be simple enough. I have been patiently waiting for someone to come along with a capable, full-featured Windows firewall so I can stop explaining to everyone why the right way to go is probably Linux with iptables. But my wait has mostly been in vain. Every time I think I have found the ultimate Windows firewall solution, I end up being disappointed in one way or another. Let's consider our current offerings.
Sure, there's TCP/IP filtering. It's actually quite fast. But it is also so limited that it's only good for the most basic filtering of incoming traffic. If you use TCP/IP filter, you will definitely need additional layers of protection.
More to read:
Security Focus Home