[lug] Firewall recommendation?
Quentin Hartman
qhartman at gmail.com
Mon Dec 8 16:04:44 MST 2014
The entry-level ASA devices from cisco are generally considered "real"
hardware firewalls, and aren't _so_ expensive to be out of reach for a home
user. Not sure if they would have the features you want though.
I've had good luck with Sonicwall devices in years past, but I don't know
what they are like lately. But again, features become a question at the
low end since they have to segment the market somehow to justify the costs
of the "big" devices.
I really like the Imagestream Envoy 2 for the kind of application you're
talking about too. http://www.imagestream.com/ Not exactly mainstream, but
very capable devices. However, if you are doing complex configs, there's a
lot to learn.
Really, if you already have a grasp on iptables, or some other iptables
configurator like UFW or shorewall or something, it seems like rolling your
own really might be the optimal solution. One step back from that would be
using a distribution like smoothwall or Monowall. You could get the best of
both worlds that way. In this class of solution I've had a lot of luck with
a product called Untangle, but they re-architected everything since the
last time I used it, so I can't really comment on the current state of
things.
Q
On Mon, Dec 8, 2014 at 3:14 PM, Glenn English <ghe at slsware.net> wrote:
>
> On Dec 8, 2014, at 1:53 PM, William D. Knoche <bill.knoche at gmail.com>
> wrote:
>
> > I am always looking for best practices and rules examples...
> > Suggestions?
>
> I installed a Juniper SSG5 a while back, and it's still sending me email
> when it gets upset about something. Not too expensive, either, for a real
> firewall.
>
> --
> Glenn English
>
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20141208/ccad7f3a/attachment.html>
More information about the LUG
mailing list