Well, if the bank is 20 miles away, we can safely assume that the cost to drive the money to the bank is $3.58...

On a similar note, you can purchase the ARRL Repeater directory for about $10, I keep a copy in my truck, but it fits real good in a backpack pocket too. It has almost all the repeaters in the US and Canada.
http://www.arrl.org/shop/The-ARRL-Repeater-Directory-2010-2011-Pocket-sized/

My recommendation would be to contact the local Ham clubs in the areas you plan to frequent. You may find that there are a number of repeaters in the area you are going to be in.
http://www.arrl.org/find-a-club

I would encourage you to become a Ham, I have enjoyed the hobby for the last 8 years. Most Hams worth their radios would gladly sit down and have a conversation with you about whether or not becoming a Ham and getting a radio up in those mountains is worth your time.

You can still do a lot with 5 Watts of power on VHF.

KD7PUA

Yes, firewalls are only a first-line-of-defense tool. Making the assumption that a firewall is an end-all-be-all solution is not a good practice. You do need to have a network perimeter to filter out a large factor of attacks, internal borders to mitigate internal problems, and desktop/server security to protect you from your users.

That is why we have firewalls, content filters, network access control devices, intrusion prevention systems, and desktop products (like Cisco Security Agent).

You can't get your whole network security from a single solution and not necessarily a single vendor.

Fair enough. It might have been presumptuous of me to assume that a gui based "drag 'n drop" system would lead to someone creating policies and applying them before checking to see how they are applied and what the end-effect would be. A lot of time when someone is looking for a GUI system of that nature, they are looking for a way to not spend money on a security professional, but instead let a person with minimal training manage these devices.

Any tool is only as useful as the person using it. If you have your janitor programming your firewall because it happens to sit in his closet, then you probably have bigger problems on your hands anyway.

I'll admit, in my office, we script the heck out of a lot of configurations, but that doesn't mean we fire and forget. We still have to look at the end result and see how this stuff is going to fly before we apply it.

Yes, find someone who knows something about networking and more importantly about firewalls Try someone who has a CCSP or CCIE:Security as part of their title. Some of the things you are talking about have existed for years on Cisco Pix and ASAs like downloadable ACLs (Where based on your credentials you get firewalled differently) which can be applied across a whole enterprise of firewalls. Dynamic inspection of traffic, like h.323 traffic, so you don't have to open a whole range of ports other than the signalling port.

Dear lord, gui based management of a fleet of firewalls? You want to drag and drop things and make magic happen when you do that? Sounds pretty reckless and dangerous to me. That's like saying because you can ride a bicycle, you should be allowed to drive a hazmat semi at top speed through downtown LA. If you don't understand what the rules are and how they will be applied in the first place, you are likely just going to cause problems (like accidentally shutting off your company's ability to sell their trinkets online because you locked it down on accident.)

By the way, I don't care what the kid from the nerd herd tells you, Belkin and Linksys do not sell firewalls. They sell quasi-routers with nat and some limited form of access control. Finally, UPnP is not the answer to your problem, that just makes it easy for people to put devices on your network to open security holes up in your firewall, which is why it's not supported on most enterprise grade firewalls (and wouldn't work anyway if you looked at the way most enterprises build their networks)