Hardware Firewalls
This is a dedicated computer with
a minimum two network cards, can be a 19 rack mount unit,
a free standing box or just an old computer not powerful enough
for todays Operating Systems, but more than enough for a home/small
business firewall.
Our favorite is Smoothwall, http://www.smoothwall.org/
and it's free, it's easy to install and maintain, you don't need
to be a Linux wiz, virtually everything can be controlled or monitored
from a web browser after the initial installation. Version 2 runs
for months without a reboot, Version 3 just released August 2007,
and has now had couple of fixes as of March 2008, and appears
to be quite usable.
Version 2 is still available for
download, should you like to try it. 2.1 includes all the fixes,
nine last time I looked.
Smoothwall Express 3 minimum hardware
specification is 200Mhz Pentium, 128Mb Ram and 2Gb hard disk,
I've had a problem with 2.6Gb disk full while running the web
proxy, pop3 proxy and some quite heavy web use. On the forums
it has suggested 6.4Gb may solve the problem. The 2.6Gb worked
great with Version 2.
Version 3.0 monitors a lot more than
version 2.0, and you select what you want it to monitor
You require a Monitor, Keyboard and
CDrom just for the initial installation. There is an option to
boot from floppies with version 3?, there are two image files
on the CD which are floppies but the first one is 2.8 Mb? There
doesn't appear to be any reference to booting from floppies in
the installation guide, and there isn't a raw write program, there
was on the Version 2 CD but not sure whether it supports 2.88
floppies. I don't think this will be a problem for many as I'm
sure most will boot from CD.
It supports 4 Network connections,
a Green for your usual workstations, and a Red for your internet
connection which can be a NIC (Ethernet modem), USB modem, or
PCI Modem, A Purple for your wireless connection (this isn't in
version 2) and an Orange for your web/ftp server. You select what
configuration you want to use during the installation.
Start by downloading the iso file
from the website along with the two manuals (Installation manual
is on the CD as well), you may have to register to be able to
download the administrators guide. Use Nero, etc to burn the iso
image to a CD.
Then boot the computer with the
CD, after setting the bios to boot CD first. As you select which
Network card is assigned to each interface it will be useful to
mark them for easy installation if you move it. When setting DNS
and gateway settings, set the IP to the next device down the line,
This would be your router/modem, if you use a NIC or possibly
your Red interface if USB or PCI modem is used.
Once you've installed the firewall in your system, you can access
the control panel from the Green network with a web browser in
the form http://192.168.xxx.xxx:81
It takes a bit of time to find your
way around, more so with version 3 as there's a lot more to it,
Snort the firewall detection system now requires you to go and
get the Snort rules from www.snort.org, and get an Oink code so
it will update itself in the future.
There are forums on the Smoothwall
website, specially for add on's, but you need to be a Linux geek
if you want to go that route. And this is your only means of support
if you require it. You can go to www.smoothwall.net for the commercial
version, where they have different versions and add on modules
and of course better support.
You can shell to the OS from the
web browser window but I believe most use PuTTY should it be neccessary.
And to FTP use WinSCP.
|