[PLUG] Medical records and commercial firewall boxen

[Paul Heinlein]

On Tue, 20 Dec 2005, Keith Lofstrom wrote:

> So a question ---------------------------------------------------------
>  Can somebody suggest a reliable, secure, easy-to-use firewall
>  appliance that does the simple job above, and they have had good
>  luck with?

The low-end Cisco PIX-501 devices

* are fairly secure
* have fairly sane defaults
* make VPN access for Windows and OS X hosts fairly simple
* are quite configurable
* can be administered via a CLI, a web-based Java applet, or SNMP
   (though I don't recommend the latter :-)
* are quiet and unobtrusive
* have some application-layer protections beyond simple packet
   filtering
* can export configuration file via tftp, easing disaster recovery
* are supported by a myriad of Cisco admins, so the clinic would
   be able to find support should you meet an untimely demise

Plus, I have a feeling that you'd stand a pretty good chance of 
fending off a HIPAA legal challenge if you can show that you're using 
up-to-date Cisco gear. I imagine that a court or arbitrator would see 
Cisco as industry standard. (Obviously, I'm no lawyer, but I'm trying 
to think like one for the sake of argument.)

Froogle shows the 501 model running about $400 for a 10-user license 
and $550 for a 50-user license.

The downside, of course, is that you're dealing with proprietary 
software. There are also a lot of fairly's in my bullet list, 
indicating value judgements on my part; you'll need to judge those 
items for yourself.

-- 
Paul Heinlein <> heinlein at madboa.com <> www.madboa.com