Best Linux firewall
-
@JaredBusch said:
@scottalanmiller said:
Vyatta is actually the best of the lineup but the learning curve is ridiculous. And updates may not be forthcoming anymore for the free version.
VyOS was forked out of it after the Brocade buyout. I have not really followed that though because my current use of Vyatta is all inside Ubiquiti hardware.
Awesome thanks. Don't know how I forgot about that. Looks to be stable and production ready now too. Been on Vyatta for years so will look to go down this route I think.
-
@scottalanmiller said:
Don't know e-box at all. Need to take a look I guess. Any killer feature?
Article was circa 2010. e-Box is now...Zentyal—
- http://en.wikipedia.org/wiki/Zentyal
- Dunno, sticking with pfSense. Other known ones are fallbacks. Zentyal is much further down the list.
-
@RoguePacket ah ha. zentyl I have heard of but not used.
-
Zentyl is really an SBS style server project. A kitchen sink sorta mish mash. Not an optimized firewall.
-
@scottalanmiller Yes, have used it in one of my freelance project. They wanted an AD replacement as they couldn't afford windows licensing.
After some research, I tried Zentyal. It was a real good alternative for Windows AD.
Got a decent desktop machine, installed Zentyal, configured as main DC, joined all clients machines from 3 offices, (all nearby, and has shared connection from their main office). Also enabled jabber server+file server. All offices are using this without any issues. AD+Chat+File Server!
If am not mistaken, its Ubuntu based. Even though it has quite a lot of features including firewall, I never used it as a firewall. -
@scottalanmiller so was ClearOS.
-
-
I'd recommend pfSense. I'm only an intern level tech person, and I find it fairly easy to work with.
-
@Mike-Ralston said:
I'd recommend pfSense. I'm only an intern level tech person, and I find it fairly easy to work with.
For a straight firewall, pfSense is good. If you're looking for something closer to a UTM, Untangle becomes a better option.
-
Really only the paid for version of Untangle. I've used Untangle and it is a seriously weak product.
-
@scottalanmiller said:
Really only the paid for version of Untangle. I've used Untangle and it is a seriously weak product.
Only $50/month and you get content filtering, multi-WAN, IPS, antivirus, application-level control, bandwidth shaping, and more.
-
@Nara said:
@scottalanmiller said:
Really only the paid for version of Untangle. I've used Untangle and it is a seriously weak product.
Only $50/month and you get content filtering, multi-WAN, IPS, antivirus, application-level control, bandwidth shaping, and more.
$50/mo is a ton for an SMB. Considering you have to buy hardware to put the appliance on, that's $600/year. You can get some pretty nice systems for that price.
-
For that price you could be in a fully supported Meraki, for example, and that's far from a cheap device. It would take less than two years to pay it off assuming you were running your Untangle on free hardware that you already owned.
-
For only $99, you can have one of these running Vyatta: http://www.amazon.com/EdgeRouter-ERLite-3-512MB-Ethernet-Router/dp/B00CPRVF5K
-
$89 plus shipping from Baltic networks, so depending on your Amazon shipping rates. That may be a better place to buy it.
I love the ERL. I have 10 of them in production around various clients.http://www.balticnetworks.com/manufacturers/ubiquiti/edgemax-routers.html
-
@JaredBusch said:
$89 plus shipping from Baltic networks, so depending on your Amazon shipping rates. That may be a better place to buy it.
I love the ERL. I have 10 of them in production around various clients.http://www.balticnetworks.com/manufacturers/ubiquiti/edgemax-routers.html
Do the bigger, rack mount models have better throughput? What can the Lite push?
-
@scottalanmiller the ERL and ERPOE are 1 billion packets per second (pps). The ER is 2 billions pps and the ER Pro is 2+ billion pps. This is all according to their spec sheets. I have never stressed tested anything. My clients couldn't stress and ERL if they tried.
http://www.ubnt.com/edgemax#edge-router-lite -
I wish that there was a ERL that was rack mount. That would be way better.
-
@scottalanmiller said:
I wish that there was a ERL that was rack mount. That would be way better.
You are not the only one. Only one of my install locations has a rack at the moment, but I really wish I had the option.
-
Seeing the topic of Linux firewalls for a person brand-new to Linux hit Slashdot yesterday (>cough< /. is slacking)—