ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Home Network Firewall Options

    Scheduled Pinned Locked Moved IT Discussion
    118 Posts 17 Posters 30.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jason Banned @wirestyle22
      last edited by

      @wirestyle22 said:

      I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

      Ah, EdgeOS is nothing special. Ubquiti didn't to much work to it (because it didn't need much) VyOS/Vyatta is where all the magic came from.. Brocade tried Killing the Vyatta community edition though. So everything now is a fork from before Brocade bought them.

      wirestyle22W scottalanmillerS 2 Replies Last reply Reply Quote 0
      • wirestyle22W
        wirestyle22 @Jason
        last edited by

        @Jason said:

        @wirestyle22 said:

        I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

        Ah, EdgeOS is nothing special. Ubquiti didn't to much work to it (because it didn't need much) VyOS/Vyatta is where all the magic came from.. Brocade tried Killing the Vyatta community edition though. So everything now is a fork from before Brocade bought them.

        For $60 is the real point though. It was a great recommendation from @Dashrender and @JaredBusch

        J 1 Reply Last reply Reply Quote 1
        • J
          Jason Banned @wirestyle22
          last edited by

          @wirestyle22 said:

          @Jason said:

          @wirestyle22 said:

          I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

          Ah, EdgeOS is nothing special. Ubquiti didn't to much work to it (because it didn't need much) VyOS/Vyatta is where all the magic came from.. Brocade tried Killing the Vyatta community edition though. So everything now is a fork from before Brocade bought them.

          For $60 is the real point though. It was a great recommendation from @Dashrender and @JaredBusch

          Yes, But what I'm saying is EdgeOS isn't really ubquiti's creation. You are just paying for Hardware really.

          JaredBuschJ 1 Reply Last reply Reply Quote 1
          • JaredBuschJ
            JaredBusch @Jason
            last edited by

            @Jason said:

            @wirestyle22 said:

            @Jason said:

            @wirestyle22 said:

            I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

            Ah, EdgeOS is nothing special. Ubquiti didn't to much work to it (because it didn't need much) VyOS/Vyatta is where all the magic came from.. Brocade tried Killing the Vyatta community edition though. So everything now is a fork from before Brocade bought them.

            For $60 is the real point though. It was a great recommendation from @Dashrender and @JaredBusch

            Yes, But what I'm saying is EdgeOS isn't really ubquiti's creation. You are just paying for Hardware really.

            Have you kept up on it? They continue to customize and improve from that original fork.

            J 1 Reply Last reply Reply Quote 0
            • J
              Jason Banned @JaredBusch
              last edited by

              @JaredBusch said:

              @Jason said:

              @wirestyle22 said:

              @Jason said:

              @wirestyle22 said:

              I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

              Ah, EdgeOS is nothing special. Ubquiti didn't to much work to it (because it didn't need much) VyOS/Vyatta is where all the magic came from.. Brocade tried Killing the Vyatta community edition though. So everything now is a fork from before Brocade bought them.

              For $60 is the real point though. It was a great recommendation from @Dashrender and @JaredBusch

              Yes, But what I'm saying is EdgeOS isn't really ubquiti's creation. You are just paying for Hardware really.

              Have you kept up on it? They continue to customize and improve from that original fork.

              Nope. Mine's still at 1.5.x or 1.6 that the ERL came with originally. Haven't needed to updated it.

              1 Reply Last reply Reply Quote 0
              • wrx7mW
                wrx7m @Jason
                last edited by

                @Jason Eth0 has been LAN on my SonicWALL and Sophos SG 210. I thought that was weird but I just got used to it, so I mirrored the config on the ERX. I understand that there must have been a configuration issue but wasn't sure what it would have been. The WAN port was on DHCP, the LAN was set with a DHCP server on it for connected clients but I couldn't get out. I swapped them and ran the wizard and it worked.

                JaredBuschJ 1 Reply Last reply Reply Quote 0
                • JaredBuschJ
                  JaredBusch @wrx7m
                  last edited by

                  @wrx7m said:

                  @Jason Eth0 has been LAN on my SonicWALL and Sophos SG 210. I thought that was weird but I just got used to it, so I mirrored the config on the ERX. I understand that there must have been a configuration issue but wasn't sure what it would have been. The WAN port was on DHCP, the LAN was set with a DHCP server on it for connected clients but I couldn't get out. I swapped them and ran the wizard and it worked.

                  Willing to bet you had the WAN port also on the switch0.

                  wrx7mW 1 Reply Last reply Reply Quote 1
                  • wrx7mW
                    wrx7m @JaredBusch
                    last edited by

                    @JaredBusch That would do it. 😉

                    JaredBuschJ 1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch @wrx7m
                      last edited by

                      @wrx7m said:

                      @JaredBusch That would do it. 😉

                      If you had an ERL, that would not have been possible. In fact, the original wizards for the ERL all had people put the WAN on eth1 because you had to plug in to eth0 with a fixed IP to get into the ERL in the first place.

                      wrx7mW 1 Reply Last reply Reply Quote 0
                      • wrx7mW
                        wrx7m @JaredBusch
                        last edited by

                        @JaredBusch So I wasn't that far off when I was setting up the WAN on eth1

                        1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller @wirestyle22
                          last edited by

                          @wirestyle22 said:

                          I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

                          It's VyOS, which took over from Vyatta when that went away. We've been using some form of that for over a decade now. It's been consistently awesome.

                          JaredBuschJ 1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller @Jason
                            last edited by

                            @Jason said:

                            @wirestyle22 said:

                            I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

                            Ah, EdgeOS is nothing special. Ubquiti didn't to much work to it (because it didn't need much) VyOS/Vyatta is where all the magic came from.. Brocade tried Killing the Vyatta community edition though. So everything now is a fork from before Brocade bought them.

                            The beauty of open source, it's amazing how often companies try to kill off proprietary software in the real world. Open source projects protect the end users should someone out there actually find the software to be useful. VyOS has taken on a much bigger life than Vyatta ever had.

                            1 Reply Last reply Reply Quote 0
                            • JaredBuschJ
                              JaredBusch @scottalanmiller
                              last edited by

                              @scottalanmiller said:

                              @wirestyle22 said:

                              I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

                              It's VyOS, which took over from Vyatta when that went away. We've been using some form of that for over a decade now. It's been consistently awesome.

                              It is NOT VyOS. It is Vyatta. I know we have had this conversation before. I wish you would keep your facts straight.

                              References: http://vyos.net/wiki/EdgeOS & http://community.ubnt.com/t5/EdgeMAX/edgemax-vyatta/m-p/391382#M4533

                              scottalanmillerS 1 Reply Last reply Reply Quote 1
                              • scottalanmillerS
                                scottalanmiller @JaredBusch
                                last edited by

                                @JaredBusch said:

                                @scottalanmiller said:

                                @wirestyle22 said:

                                I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

                                It's VyOS, which took over from Vyatta when that went away. We've been using some form of that for over a decade now. It's been consistently awesome.

                                It is NOT VyOS. It is Vyatta. I know we have had this conversation before. I wish you would keep your facts straight.

                                References: http://vyos.net/wiki/EdgeOS & http://community.ubnt.com/t5/EdgeMAX/edgemax-vyatta/m-p/391382#M4533

                                I have no memory of having discussed this.

                                It's a competing fork to VyOS? That seems odd. Why maintain two competing forks?

                                JaredBuschJ 1 Reply Last reply Reply Quote 0
                                • JaredBuschJ
                                  JaredBusch @scottalanmiller
                                  last edited by

                                  @scottalanmiller said:

                                  @JaredBusch said:

                                  @scottalanmiller said:

                                  @wirestyle22 said:

                                  I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

                                  It's VyOS, which took over from Vyatta when that went away. We've been using some form of that for over a decade now. It's been consistently awesome.

                                  It is NOT VyOS. It is Vyatta. I know we have had this conversation before. I wish you would keep your facts straight.

                                  References: http://vyos.net/wiki/EdgeOS & http://community.ubnt.com/t5/EdgeMAX/edgemax-vyatta/m-p/391382#M4533

                                  I have no memory of having discussed this.

                                  It's a competing fork to VyOS? That seems odd. Why maintain two competing forks?

                                  http://mangolassi.it/topic/1714/tonight-s-project-ubiquiti-router-for-home/15

                                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller @JaredBusch
                                    last edited by

                                    @JaredBusch said:

                                    @scottalanmiller said:

                                    @JaredBusch said:

                                    @scottalanmiller said:

                                    @wirestyle22 said:

                                    I'm really impressed at EdgeOS. I can't talk its praises enough. For $60 I can't see anything else comparing.

                                    It's VyOS, which took over from Vyatta when that went away. We've been using some form of that for over a decade now. It's been consistently awesome.

                                    It is NOT VyOS. It is Vyatta. I know we have had this conversation before. I wish you would keep your facts straight.

                                    References: http://vyos.net/wiki/EdgeOS & http://community.ubnt.com/t5/EdgeMAX/edgemax-vyatta/m-p/391382#M4533

                                    I have no memory of having discussed this.

                                    It's a competing fork to VyOS? That seems odd. Why maintain two competing forks?

                                    http://mangolassi.it/topic/1714/tonight-s-project-ubiquiti-router-for-home/15

                                    Okay, I did not respond to that and it was not directed at me, while I try to read things, I might easily have missed that.

                                    1 Reply Last reply Reply Quote 0
                                    • NETSN
                                      NETS @scottalanmiller
                                      last edited by

                                      @scottalanmiller said:

                                      @NETS said:

                                      So without a UTM device how are you monitoring the network and locking down the traffic?

                                      1. What is the actual need here? A firewall already monitors and locks down the traffic. Those are not UTM functions.
                                      2. With a UTM, how are you doing it?

                                      I look at UTM's as a single device that can easily secure and monitor and a variety of network traffic with minimal effort. Running a regular ERX works but you lose the malware, mail filtering and IPS features of a UTM. Sure there are other methods of gaining those features back but not on a single box. For SMB that single box is a big sell.

                                      If you use a Edge router how are you adding back in the other security features that a UTM or Nextgen firewall offers?

                                      wrx7mW J 2 Replies Last reply Reply Quote 1
                                      • wrx7mW
                                        wrx7m @NETS
                                        last edited by

                                        @NETS said:

                                        @scottalanmiller said:

                                        @NETS said:

                                        So without a UTM device how are you monitoring the network and locking down the traffic?

                                        1. What is the actual need here? A firewall already monitors and locks down the traffic. Those are not UTM functions.
                                        2. With a UTM, how are you doing it?

                                        I look at UTM's as a single device that can easily secure and monitor and a variety of network traffic with minimal effort. Running a regular ERX works but you lose the malware, mail filtering and IPS features of a UTM. Sure there are other methods of gaining those features back but not on a single box. For SMB that single box is a big sell.

                                        If you use a Edge router how are you adding back in the other security features that a UTM or Nextgen firewall offers?

                                        Take Cover!

                                        NETSN 1 Reply Last reply Reply Quote 0
                                        • NETSN
                                          NETS @wrx7m
                                          last edited by

                                          @wrx7m said:

                                          @NETS said:

                                          @scottalanmiller said:

                                          @NETS said:

                                          So without a UTM device how are you monitoring the network and locking down the traffic?

                                          1. What is the actual need here? A firewall already monitors and locks down the traffic. Those are not UTM functions.
                                          2. With a UTM, how are you doing it?

                                          I look at UTM's as a single device that can easily secure and monitor and a variety of network traffic with minimal effort. Running a regular ERX works but you lose the malware, mail filtering and IPS features of a UTM. Sure there are other methods of gaining those features back but not on a single box. For SMB that single box is a big sell.

                                          If you use a Edge router how are you adding back in the other security features that a UTM or Nextgen firewall offers?

                                          Take Cover!

                                          I fully expect it. Possibly even looking forward to the rousing discussion that takes place because of it. 🙂

                                          wrx7mW 1 Reply Last reply Reply Quote 0
                                          • wrx7mW
                                            wrx7m @NETS
                                            last edited by wrx7m

                                            @NETS The summary of past discussions:

                                            UTM is a waste of money
                                            Use separate boxes for specific uses - Firewall, proxy
                                            Use endpoint protections for AV
                                            Don't log/block websites/categories unless it is to prevent malware (even then, use a service like Open DNS)

                                            I don't necessarily endorse all comments

                                            Edit- I almost forgot - The performance is almost always better when you separate the roles.

                                            MattSpellerM 1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 5 / 6
                                            • First post
                                              Last post