Lee Marzke on 1 Dec 2009 07:48:18 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Firewall/UTM recommendations?


Do you think there is interest in a talk showcasing all the firewall/UTM
appliances,  seems like
we have a range of users and interest.

I've been using Endian UTM for about 5 years now and it may be the most
complete UTM appliance
out there.  http://www.endian.com/en/community/overview/

- Web GUI
- 4 zone Firewall with numerous source and destination port forwarding
- Failover uplinks,  VLAN support ,  split DNS
- Transparent Proxy for smtp,  ftp,  web,  dns.
- OpenVPN ( both server and gw2gw ),  IPsec gw2gw
- Services:   Antivirus (havp , amavis ) , Time server, Snort, Traffic
Monitor (NTOP)
                   smtp server (proxy), QoS, multi zone DHCP with fixed
- Proxy Auth:  Local NCSA,  Windows AD,  LDAP,   Radius   ( can join an
AD domain )
- Stats:  Traffic graphs,  remote syslog

This is the free community GPL version which has all the features above.

The supported version has automatic updates, hotspot, and remote network
management,  and
is also available in a hardware appliance. ( Note the hardware is a
little underpowered,  so if your
comfortable with hardware your better off with your own box )

For business use,  you might consider the commercial version which also
supports high-avaliability
(hot standby with heartbeat ).       I'm an Endian partner,  so contact
me off-list if you want commercial pricing.

Lee Marzke

Mike Sheinberg wrote:
> Hey PLUG'ers,
> I'm looking for a firewall/UTM solution to replace my company's old
> PIX firewall and was hoping to get some advice from the group. In the
> past I've used Astaro's Security Gateway which proved to be a stable
> and feature-full device. The network parameters include about 10
> users, hosting of an email server, and a T1 WAN link (soon to be
> 3Mb/s; up from 1.5Mb). Personally, I'd prefer something with a web GUI
> but if someone can convince me why I should really learn IOS or some
> other command line solution I'll definitely take it under
> consideration. The thing I liked about the Astaro products is that it
> will likely play nice with our Linux environment since it allowed for
> things like log forwarding, openVPN connections, and LDAP authentication.
> Anyways, thanks in advance for the input!
> -Mike

Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug