[lug] Firewall recommendation?

Stephen Kraus ub3ratl4sf00 at gmail.com
Mon Dec 8 16:08:38 MST 2014


Sonicwall has gotten....obfuscated lately. We tried to roll one out and its
a pain in the butt.
On Dec 8, 2014 6:05 PM, "Quentin Hartman" <qhartman at gmail.com> wrote:

> The entry-level ASA devices from cisco are generally considered "real"
> hardware firewalls, and aren't _so_ expensive to be out of reach for a home
> user. Not sure if they would have the features you want though.
>
> I've had good luck with Sonicwall devices in years past, but I don't know
> what they are like lately.  But again, features become a question at the
> low end since they have to segment the market somehow to justify the costs
> of the "big" devices.
>
> I really like the Imagestream Envoy 2 for the kind of application you're
> talking about too. http://www.imagestream.com/ Not exactly mainstream,
> but very capable devices. However, if you are doing complex configs,
> there's a lot to learn.
>
> Really, if you already have a grasp on iptables, or some other iptables
> configurator like UFW or shorewall or something, it seems like rolling your
> own really might be the optimal solution. One step back from that would be
> using a distribution like smoothwall or Monowall. You could get the best of
> both worlds that way. In this class of solution I've had a lot of luck with
> a product called Untangle, but they re-architected everything since the
> last time I used it, so I can't really comment on the current state of
> things.
>
> Q
>
>
>
>
> On Mon, Dec 8, 2014 at 3:14 PM, Glenn English <ghe at slsware.net> wrote:
>
>>
>> On Dec 8, 2014, at 1:53 PM, William D. Knoche <bill.knoche at gmail.com>
>> wrote:
>>
>> > I am always looking for best practices and rules examples...
>> > Suggestions?
>>
>> I installed a Juniper SSG5 a while back, and it's still sending me email
>> when it gets upset about something. Not too expensive, either, for a real
>> firewall.
>>
>> --
>> Glenn English
>>
>>
>>
>> _______________________________________________
>> Web Page:  http://lug.boulder.co.us
>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>>
>
>
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20141208/7ac8a602/attachment.html>


More information about the LUG mailing list