Portal Home > Knowledgebase > Articles Database > Firewall OS
Firewall OS
| Posted by andretenreiro, 05-08-2008, 11:04 PM |
| I need to secure a LAN network with 200 computers, a specific hardware solution (like CISCO PIX or so) might not be available.
Though, I'm considering a Firewall OS based Solution like pfSense, m0n0wall, eBox, Endian Firewall, SmoothWall, etc.
There are so many options and I have no experience with none of this. My Requirements are:
Web based configurationClean Interface with graphic statisticsPretty SecureGood hardware supportFree usageSimple configurationSupport for high bandwidth usage
I think OpenBSD is pretty secure, is there any OpenBSD Firewall OS solution with this requirements?
What solution do you suggest ?
Thanks in advance!
|
| Posted by paulorv, 05-09-2008, 08:26 PM |
| OpenBSD is a good choice for a software firewall platform with IP-Filter because you can load and control your own protocol-aware software on it. You can also transfer your firewall rules easily in case you decide to switch it to a different machine later on or want to replicate. I've built a OpenBSD firewall/gateway for my home network, so with some tweaking you should be able to optimize it for a 200-user network.
Can I ask why a hardware firewall is out of the question?
|
| Posted by StevenG, 05-10-2008, 05:01 AM |
| Any linux distribution would do well as well, iptables is pretty easy to manage. Then you can install snort and do more stuff if you wanted to. If you want a web gui, then what you suggested would work fine.
A cheap linux box is often more useful and prices less than a lot of hardware appliances that do exactly the same thing, with less cpu, less memory on them.
|
| Posted by andretenreiro, 05-10-2008, 09:34 AM |
| hardware firewall is not out of question, I simply dont know if our hardware suplier will provide us one. Is there already any firewall OS builted with OpenBSD ?
|
| Posted by andretenreiro, 05-10-2008, 09:37 AM |
| Have you tried pfSense (FreeBSD) versus other Linuxes OS ?
|
| Posted by StevenG, 05-11-2008, 07:04 AM |
| No, never used FreeBSD for a firewall, always just used linux (Debian) for firewalls. Just a collection of bash scripts with iptables rules in for the most part.
|
| Posted by robert03, 05-11-2008, 09:37 PM |
| Have you tried smoothwall? I haven't used it personally, but it seems to fills most of your requirements.
I prefer iptables.
|
| Posted by andretenreiro, 05-11-2008, 09:47 PM |
| I havent tried any Firewall OS, although eBox seems the most complete of all of them.
|
| Posted by drokmed, 05-13-2008, 01:13 PM |
| I always build my own custom firewall with Debian stable, shorewall, and tons of utilities like psad/fwsnort, ntop, iftop, nmap, wireshark, etc.
pfsense (freebsd) is pretty good, I use it. SmoothWall Express 3.0 (debian) is better IMHO. All of the ones you mentioned are popular. I'd suggest you try them, and see which you prefer. Just make sure the one you pick has an active support forum, just in case...
|
| Posted by debiannerd, 05-13-2008, 02:24 PM |
| I would only use openbsd for firewall. but that's just my 2cts.
here is a how to http://www.drones.com/obsd-fw.html
|
| Posted by andretenreiro, 05-15-2008, 08:14 PM |
| Thanks! Nice hint
|
| Posted by drokmed, 05-16-2008, 09:17 AM |
| That how-to is 3-5 years old, uses an OLD version of openbsd, and only does basic firewall/NAT, dns and dhcp. There are newer ones that cover much more... google is your friend
|
Add to Favourites 
Print this Article
Also Read
