We are beefing up internet security at work. Just replaced the netgear with a Draytek 2800. Thats a good start.
Atm the current setup is....
Draytek---- (WAN) SBS 2003 Server (LAN) ---- Desktops
We want another layer of protection between the draytek and the SBS Server. I have a aqquired an old 1U Dell rackmount for £50, 500Mhz, 512 ram......
We have decided to go for a software firewall, but we havent decided whether to go for 2003 standard edtition or my suggestion a basic linux distribution.
ISA Server is not an option, it is s***e.
Ive been doing some research and all I have come accross is suse firewall, Mandrake Security MNF (which is discontinued), IPCop Linux and Coyote Security.
Needless to say, I am lost, does anyone have any expeirance with setting up an OS just as a firewall. It needs to be free, relatively easy (which is why I would prefer something like mandriva) and more than anything, do the job.
Cheers.
To be fair i would have just picked up an old Watchguard or similar.
I take it that is a hardware firewall device?
What sort of price would you be looking at for that? Any particular advantages over what I am looking at?
Ive just been reading into it further, looks like IPcop would do the job. Though I am still interested in your suggestion?
whats wrong with apf ?
I prefer Smoothwall over ipcop, the latest version (3.0) has some cool features.
Does smoothwall have BlockOutTraffic addon to stop outgoing stuff ? ipcop is easy to set up how easy is smoothwall ?
Ipcop is actually a fork of smoothwal from some time ago, so if youre familiar with Ipcop, then getting to know smoothwall shouldnt be a challenge.
As for particular features, Im not so sure as I havent used it since 2.0, but the 3.0 release should have pretty much anything you need ( I never really wanted anything more than what was there in 2.0, and it does loads more with version 3). Even if it doesnt have a feature, theres a huge modding community on the forums, and its linux, so if you know what youre doing you can do pretty much anything.
I would say that they are about the same thing though, that none is better than the other, it is more a matter of taste or which one you are used to :)
Well Im declaring my self a genius. Ive got IPcop working nicely.
I dont think I have heard of APF?
Ive got it setup using TCP port forwarding, Web Proxy and a Intrusion detection system (snort (http://www.snort.org/))
Overall Im quite chuffed considering my bugger all knowledge of linux.
You can get WinSCP and putty to install stuff like the addonserver which makes it easy to install addons.
m0n0wall would be the preferred free software solution.
Checkpoint FW-1 would be the preferred firewall full stop. You install it on more or less any old server (on SPLAT)
Cisco 800 series for FA off ebay is an ideal soho device for front end. Checkpoint sitting just behind that then.