[fw-wiz] Recamendations on firewalls


I have been using IPcop as a firewall for close to 4 years now, before
then I used a slackware box with a bunch of home made scripts.

Current firewall hardware. Celeron 300 with 128 RAM. 1 10 NIC, 1 10/100 NIC.

I am looking to step up my security and functionality to a higher
level. I am looking at other OSS projects and see quite a few.
Astaro is top of my list right now, but there are so many others.
(m0n0wall, redWall, Endian, etc)

What I do.
This is a home network.
I have some websites hosted, nothing major, small stuff.
I ssh to home, and tunnel squid, vnc, etc through that from work, or
other places.
Sometimes VPN to friends network.

Some functionality I would like to see.
Restricting bandwidth usage. Kind of like squid, but on the firewall.
SSL(Web) VPN. (not a priority)
IDS/IPS capabilities with the bellow
Better logs/reporting with alerts.
Port knocking would be cool
Web based configuration/monitoring.
Handles over 20,000 connections (bit torrent, etc)
Posible virus/spam protection.

Well I gues first question what do people think of Astaro?

Second question, what are suggestions?

And of course the 3rd questions is for comments?

Thank you all!

firewall-wizards mailing list

Relevant Pages

  • RE: Sandboxing
    ... the 3Com Embedded Firewall would be extremely useful and enabling (in ... your case) when you look at it in a VPN context. ... This security policy will accomplish quite a few things: ... During the Policy Server installation, ...
  • Re: VPN Firewall for new webserver
    ... > I'm setting up a webserver at a colocation and I need to put a VPN ... You're not going to get a quality firewall for that amount, ... and D-Link makes a DI-804HV unit ... users access to the SQL server, let them do it through a VPN session. ...
  • Re: Firewall Info/Recommendations?
    ... I would seriously consider an air-gap solution. ... Let me outline a few features that no other firewall can touch. ... Provide secure access without a VPN from any web browser (this greatly ... > manageable without much higher-level support if you want things like ...
  • Re: [fw-wiz] Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
    ... complexity and architectural inelegance of having 3-5 gateway security ... VPN) convinced me to eventually champion a migration to Symantec's SGS ... Nice balance of "default deny" at the firewall, ...
  • Re: two winxp home machines, varied results
    ... >The only firewall I have on my machine *aside* from the Cisco VPN ... Please don't change "restrictAnonymoussam", only ... >Here is the IPCONFIG and BROWSTAT listings for each machine. ...