Jos

Thanks for that

Colub

>Colin, protecting your network and related assets depends on a number of factors. What you say is true; if a user chooses to download malware via an allowed port on your firewall, eg HTTP 80, then your user has bypassed the security policy.
>
>Have a hardware firewall between your network and the external network. Each server should run server AV+AT. Have AV+AT on each users machine and, if cost-benefit allows, have a software firewall like ZoneAlarm on each users workstation.
>
>Ultimately security always comes down to a cost-benefit decision. You apply as many security policies, procedures, tools, and user education as the cost-benefit analysis allows.
>
>
>
>>Neil
>>
>>How nuch work do you do with the Sonicwall in relation to Content Addressable settings? if a user accesses a nasty web site then the nasty web site will sent him back nasties surely
>>
>>Do you run a software firewall on top?
>>
>>Colin
>>
>>
>>>Hi,
>>>Sack the supplier that suggested NAT, he has just shown that he does not know security.
>>>
>>>The Sonicwall gear is very good, highly recommend it.
>>>
>>>>Hi
>>>>
>>>>I have 2 IT suppliers working with me and we're discussing security - one advises just a NAT router and the other Sonicwall hardware firewall
>>>>
>>>>Our applications involve multiple incoming connections and we're transmitting data around the world over the Internet all the time
>>>>
>>>>We also make extensive use of Skype
>>>>
>>>>Are both solutions equally secure?
>>>>
>>>>Thanks
>>>>
>>>>Colin