It seems that alot of dedicated server providers do not offer firewall solutions with the same quality as ThePlanet. The Planet seems alot more organized with an arsenal of features. My main question is, should I spend the extra money on there firewall solutions?
The real question to ask yourself is if you really need a hardware based firewall or not. As eddy suggested their main benefit is speed and taking load off the server (a software firewall is only good for so many packets per second before your server is unusable). If you are in fear of DDoS I would suggest a firewall (or if you had many servers you wanted to firewall).
I think if you're asking this question, you'll probably be fine with pf/iptables/whatever software firewall you have on your OS.
Have you set up a software firewall and found it to be inadequate? Only when you know what kind of load you're getting will people be able to determine how much horsepower you need in a hardware firewall.
Originally posted by AntonIFI Can anyone recommend some affordable, decent software firewalls? Also is the firewall (ICF) that comes with Windows 2003 any good?
Well, I personally find the use of IPSecs or RRAS which comes with Windows 2003 to be sufficient for most needs. Basically, they allow standard blocking or allowing of ports for use with the internet. The best part is that it is free and easy to use.
To the OP, you could begin with the software firewall but if you find that you do not want to create any load your server, you could consider enabling Ozone which is an ACL Security tool which pretty much does the core function of a firewall and does not load your system up. Check out http://www.theplanet.com/telemetry/0305/np3.html
Also, apart from the Unmetered plans, there are a few DoS and Intrusion Alert and Mitigration system at work at The Planet facilities which is available free of charge.
A good firewall for a server, if using windows 2000 or 2003, would be zonealarm. I have it on my california box and it works great. Sometimes it needs a restart because it will have alot of people connecting to it, and it filters alot of hackers. In the past month it has blocked 4,000 packets which is good, and it makes the server have less latency.
Since buying, and maintaining a dedicated firewall is expensive or complicated, we have implemented a "gateway" solution that only opens up ports to the server's private VLAN.
It isn't 100% secure because you are in a mini "DMZ" with your neighbors on the rack, However, it is quite effective.
We are also able to run Gateway AntiVirus and SpamScreen, in addition to stateful packet inspection. The stats are really amazing, just this week alone we have stripped 587 viruses and deleted 52,712 spam emails even before they reached our customers servers.
██ Ray Womack @ atOmicVPS LTD ██ Linux & Windows Cloud Hosting Solutions Powered by OnApp
██ Fully Managed [Shared] ► [Reseller] ► [Cloud VPS] ► [Dedicated]
██ Featuring the atOmicSTACK™ ● Speed ● Performance ● Reliability