You may want to look at SonicWall's offerings. I admin a pretty large
network. We use Juniper/NetScreen firewalls at the core and they would
most likely be overkill as well. Any device that can provide a level of
access control based on network layer (layer 3) addressing would be
sufficient. You should just flag the traffic destined for port 21 and
check it against a valid list of addresses. You can accomplish this
easily with a PRO 100 SonicWall or a primitive Cisco router (1700
series) using access-control lists.

Any further questions are welcome. Thanks.

-Kurtis

Rick Merrill wrote:
> Leythos wrote:
> > In article <vLWdneRBqdW4sgnYnZ2dnUVZ_oPinZ2d@comcast.com>,
> > rick0.merrill@NOSPAM.gmail.com says...
> >> Leythos wrote:
> >>> In article <VMSdnR_1w8ayZA7YnZ2dnUVZ_s7inZ2d@comcast.com>,
> >>> rick0.merrill@NOSPAM.gmail.com says...
> >>>> I'm looking for a Hardware Firewall that can
> >>>> be given a whitelist of IP addresses to permit
> >>>> to use FTP.
> >>>>
> >>>> In looking at some possibilities I have not been able to see
> >>>> this specific capability!
> >>> Most firewall appliances do this, in fact, those that don't offer this
> >>> ability are not really firewalls, they are most likely NAT routers
> >>> claiming to be firewalls.
> >>>
> >>> The cheapest solution I know if, hardware, is the DFL-700 series
> >>> firewall from D-Link, the best solutions I know of come from WatchGuard,
> >>> but neither company makes a "cheap" solution, they start around $300 and
> >>> up.
> >>>
> >> Thanks!!!! I've contacted WatchGuard and they're sending a quote and a
> >> URL for a manual!
> >
> > What one did they suggest for your requirement? I've got about 60+
> > currnetly in the field and just spec'd 3 more for a pharmacy group.
> >
>
> Well, their man recommended the "X10E" (12 x ports 10/100) - sounds
> like overkill for what I need.