Best Linux firewall
-
Good ones have already been mentioned—Smoothwall Express; pfSense; Untangle; ClearOS—yet a couple more:
- m0n0wall
- Sophos UTM (née Ataro)
See also—
-
How does mono stack up? Only one of these I've never touched.
-
Vyatta is actually the best of the lineup but the learning curve is ridiculous. And updates may not be forthcoming anymore for the free version.
-
Monowall is bare bones. Seems often comes up as one people used to use. Guessing still valid for minimal hardware.
One from the TechRadar link noted as the "winner" was... e-Box (http://www.ebox-platform.com/) built off Ubuntu. Haven't tried it, am skeptical, not a first choice, but keeping an open mind.
-
Don't know e-box at all. Need to take a look I guess. Any killer feature?
-
@scottalanmiller said:
How does mono stack up? Only one of these I've never touched.
I thought m0n0wall and pfSense were branches of the same ting at one point in the past. I may be misremembering things though.
-
@JaredBusch m0n0wall is FreeBSD at least like pfSense. That much I know.
-
@scottalanmiller said:
Vyatta is actually the best of the lineup but the learning curve is ridiculous. And updates may not be forthcoming anymore for the free version.
VyOS was forked out of it after the Brocade buyout. I have not really followed that though because my current use of Vyatta is all inside Ubiquiti hardware.
-
@JaredBusch said:
@scottalanmiller said:
Vyatta is actually the best of the lineup but the learning curve is ridiculous. And updates may not be forthcoming anymore for the free version.
VyOS was forked out of it after the Brocade buyout. I have not really followed that though because my current use of Vyatta is all inside Ubiquiti hardware.
Awesome thanks. Don't know how I forgot about that. Looks to be stable and production ready now too. Been on Vyatta for years so will look to go down this route I think.
-
@scottalanmiller said:
Don't know e-box at all. Need to take a look I guess. Any killer feature?
Article was circa 2010. e-Box is now...Zentyal—
- http://en.wikipedia.org/wiki/Zentyal
- Dunno, sticking with pfSense. Other known ones are fallbacks. Zentyal is much further down the list.
-
@RoguePacket ah ha. zentyl I have heard of but not used.
-
Zentyl is really an SBS style server project. A kitchen sink sorta mish mash. Not an optimized firewall.
-
@scottalanmiller Yes, have used it in one of my freelance project. They wanted an AD replacement as they couldn't afford windows licensing.
After some research, I tried Zentyal. It was a real good alternative for Windows AD.
Got a decent desktop machine, installed Zentyal, configured as main DC, joined all clients machines from 3 offices, (all nearby, and has shared connection from their main office). Also enabled jabber server+file server. All offices are using this without any issues. AD+Chat+File Server!
If am not mistaken, its Ubuntu based. Even though it has quite a lot of features including firewall, I never used it as a firewall. -
@scottalanmiller so was ClearOS.
-
-
I'd recommend pfSense. I'm only an intern level tech person, and I find it fairly easy to work with.
-
@Mike-Ralston said:
I'd recommend pfSense. I'm only an intern level tech person, and I find it fairly easy to work with.
For a straight firewall, pfSense is good. If you're looking for something closer to a UTM, Untangle becomes a better option.
-
Really only the paid for version of Untangle. I've used Untangle and it is a seriously weak product.
-
@scottalanmiller said:
Really only the paid for version of Untangle. I've used Untangle and it is a seriously weak product.
Only $50/month and you get content filtering, multi-WAN, IPS, antivirus, application-level control, bandwidth shaping, and more.
-
@Nara said:
@scottalanmiller said:
Really only the paid for version of Untangle. I've used Untangle and it is a seriously weak product.
Only $50/month and you get content filtering, multi-WAN, IPS, antivirus, application-level control, bandwidth shaping, and more.
$50/mo is a ton for an SMB. Considering you have to buy hardware to put the appliance on, that's $600/year. You can get some pretty nice systems for that price.
