MSUNAG Archives

MSUNAG Archives


View:

Next Message | Previous Message
Next in Topic | Previous in Topic
Next by Same Author | Previous by Same Author
Chronologically | Most Recent First
Proportional Font | Monospaced Font

Options:

Join or Leave MSUNAG
Reply | Post New Message
Search Archives


Subject: Re: firewall hardware
From: "Hoort, Brian" <[log in to unmask]>
Reply-To:Hoort, Brian
Date:Wed, 5 Mar 2008 09:42:44 -0500
Content-Type:text/plain
Parts/Attachments:
Parts/Attachments

text/plain (56 lines) 


I've been running m0n0wall on an old desktop tower that was bouncing
around the office since the holidays.  It was pretty easy to configure
and has performed flawlessly in front of five servers.  M0n0wall is a
freebsd-based firewall distribution.  The only hardware requirement to
speak of was that the best supported gigabit cards were Intel
so-and-so's.  (It's in the documentation somewhere under supported
hardware... they were $40 each at GovConnection).  The better the
hardware you throw at it, the better it performs, obviously.  Rather
than putting together your own hardware (which I did for such a small
load) you might consider purchasing one of the boxes dedicated for this
purpose.  Again, they discuss it in the excellent documentation
(http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/).

If you have specific questions regarding m0n0wall let me know and I'll
try and answer them, though I am no expert.

Brian Hoort


On Mar 5, 2008, at 8:42 AM, Eric Weston wrote:

> I'm collecting opinions regarding hardware to use for a firewall. If  
> you
> are interested in weighing in on this subject, I'm interested to hear
> your ideas.
>
> The hypothetical firewall is a purpose built OpenBSD box running  
> OpenBSD
> Packet Filter (pf), on a box that bridges the outside world to a
> protected network of approximately 1000 nodes. The box needs to have a
> network interface for administrative access via ssh, and two
> high-throughput network interfaces to provide the "bridge" from the
> protected network to the internet.
>
> Given this general scenario, what sort of box might you purchase and/ 
> or
> assemble for this purpose? What elements would you consider critical?
> (architecture, interfaces, harddrive or alternative, CPU, etc..)
>
>
>   Thanks,
>                Eric Weston, Libraries

-- 
Troy Murray
Developer
Michigan State University
Biomedical Research and Informatics Center (BRIC)
100 Conrad Hall
East Lansing, MI 48824
Phone: 517-432-4248
Fax: 517-353-9420
E-mail: [log in to unmask]
Calendar
HTML - http://www.icalx.com/html/troymurray72/month.php?cal=BRIC+Work
iCalendar - http://www.icalx.com/public/troymurray72/BRIC%20Work.ics

Back to: Top of Message | Previous Page | Main MSUNAG Page

Permalink


LIST.MSU.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager