Best firewall to prevent IP spoofing attack? IDP
I am working with a small company (Less than 10 computers)
They need a firewall, a better firewall than what they have. They specifically need to stop IP spoofing attacks. This comes down to packet filtering and IDP.
I'm thinking the Juniper SRX110 would be a good match
They basically have a ADSL Connection > Router > Internal network at the moment and I'd slot the firewall into the space between the Router and the internal network.
All the devices on the back of the current router would go into the firewall
Just wondering if anyone would suggest another device? perhaps cheaper? as the SRX110 is a big cost for the small company.
Re: Best firewall to prevent IP spoofing attack? IDP
I don't have any hands on experience in dealing with such attacks, however the Draytek routers that I install with clients all have a "block LAND" option in the firewall settings, which is supposed to block IP spoofing from the WAN side.
I am not sure if that covers all forms of IP spoofing or even how well/badly a simple Draytek SOHO router will cope if it does come under attack, but at < £40 delivered for a used Draytek Vigor 2830 it might be worth a look at.
Re: Best firewall to prevent IP spoofing attack? IDP
Quote:
Originally Posted by
SUMMONER
I don't have any hands on experience in dealing with such attacks, however the Draytek routers that I install with clients all have a "block LAND" option in the firewall settings, which is supposed to block IP spoofing from the WAN side.
I am not sure if that covers all forms of IP spoofing or even how well/badly a simple Draytek SOHO router will cope if it does come under attack, but at < £40 delivered for a used Draytek Vigor 2830 it might be worth a look at.
Thanks. I'll take a look
Re: Best firewall to prevent IP spoofing attack? IDP
Those SRX boxes are a bit on the pricy side for most SMBs. Have you looked at the Sophos XG firewalls? You can get a free version (I run one for my homelab on an old Microserver, but it could equally run in a VM) - that might suffice.
Re: Best firewall to prevent IP spoofing attack? IDP
Think I'm going to go with a Zyxel USG40W
Re: Best firewall to prevent IP spoofing attack? IDP
After using a few bits of Zyxel kit, I wouldn't touch them with a bargepole to be honest.
Hell, they seem to not even know the difference between bridge, half bridge and NAT on some of the devices I have had the misfortune of trying to use.