| Keith C. Perry on 11 Aug 2014 13:18:11 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Network gateway solution for small business? |
Throw in SquidClam (http://squidclamav.darold.net/) or some other FOSS ICAP product (http://en.wikipedia.org/wiki/Internet_Content_Adaptation_Protocol) and Brent's build is looking good. In fact... You **might** be able to get this going on an ARM device- a Raspberry Pi? Maybe... but certainly a Beaglebone Black and Hummingboard could and those are both under $100. Even once you add the second USB nic you're still going to be at no more that $150. Plus the energy consumption would be a lot less, if that matters to you. Ok, sorry for the geek out but this something on my short list of ARM builds. :) ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Keith C. Perry, MS E.E. Owner, DAO Technologies LLC (O) +1.215.525.4165 x2033 (M) +1.215.432.5167 www.daotechnologies.com ----- Original Message ----- From: "brent timothy saner" <brent.saner@gmail.com> To: plug@lists.phillylinux.org Sent: Monday, August 11, 2014 4:01:24 PM Subject: Re: [PLUG] Network gateway solution for small business? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/11/2014 03:03 PM, Greg Helledy wrote: > > We are leaning towards 3. for a few reasons: > > a. the router will be easier to maintain, take up less space, produce > less noise and heat, and consume less electricity than a PC > b. it looks like we can get a small business-class router for around > (~$500) the price of a basic PC > c. we can get an appliance that does out-of-the-box the things we care > about, and don't need the additional flexibility that a PC would provide. > > The things we need are: > *gateway with firewall that can be configured to do port forwarding of > incoming connections > *ability to handle 2 WANs simultaneously. We have service from two > providers, for redundancy. We don't need any complex traffic > shaping/load balancing, just need traffic to go to ISP B when ISP A is > down. > *DHCP that can assign fixed IPs to networked machines by MAC > *antivirus scanning of traffic, to protect the Windows-based machines on > the LAN > *a built-in wireless access point would be nice, but is not necessary > (we can just plug something in). > > I have started doing some research but surprisingly, flaky firmware > seems to be a frequent user complaint even in this class of device. I > love my tomato router at home but we need to stick with factory firmware > for this application. If anyone has a recommendation, please send it my > way. Thanks in advance, and sorry for the interruption. > i actually JUST yesterday specced out and ordered parts for a router box. Links, assuming you have no pre-existing hardware (cage, etc.). Note that I give Prime prices. 9U cab, locking, better airflow (because glass doors on a locking cage are *stupid*): http://www.amazon.com/gp/product/B0070FWC72/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1 $218.52 Cheap UPS by CyberPower (510W, MORE than enough for associated hardware): http://www.amazon.com/gp/product/B00DBAA696/ref=oh_aui_detailpage_o01_s00?ie=UTF8&psc=1 $76.95 1U router box barebones, quiet, LOW power consumption: http://www.amazon.com/gp/product/B004GKULFO/ref=oh_aui_detailpage_o05_s02?ie=UTF8&psc=1 $337.99 RAM for routerbox: http://www.amazon.com/gp/product/B002BW6DQ0/ref=oh_aui_detailpage_o04_s00?ie=UTF8&psc=1 $20.79 SSD for routerbox: http://www.amazon.com/gp/product/B007ZWLRSU/ref=oh_aui_detailpage_o05_s01?ie=UTF8&psc=1 $49.45 ea. (recommended 2x for RAID-1) Ubiquiti PoE switch (10/100/1000): http://www.amazon.com/gp/product/B00CXTK90W/ref=oh_aui_detailpage_o05_s00?ie=UTF8&psc=1 $95.00 Ubiquiti Wi-fi AP: http://www.amazon.com/gp/product/B004XXMUCQ/ref=oh_aui_detailpage_o05_s01?ie=UTF8&psc=1 67.90 ea. (recommended at least 2x, but the range is *fantastic*) SO there you go. ALL together (including redundancy/expansion recommendations i gave), 984.95USD. Not too bad at all for a total equipment inventory. feel free to mix/match for stuff that doesn't match your specs/requirements. Note that that routerbox barebones is about the size, if not smaller, of a dedicated appliance, will use comparable power, but can take any x86_64 distro you wanna throw at it- pfSense, debian, openbsd, whatever. it goes without saying that NIC bonding or selective routing or whatever you want for dual-WAN can be done a multitude of ways with a full *nix OS. you can also run something like snort for the packet inspection. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJT6SEUAAoJEIwATC+TSB9reIMP/isIbr6x+IXu9tepjZ143y9r vSs1QVqKouoV036gSIE4KPRWKjc5s5wR0vgqf793RTpUM+tzCTduZMZKBCoBIT6X E+s9YSZyEDRIRlQa2arNnupp/g4R0qCtBZjsa5H/NS5ak4tolL8Rd+/78vvysXJ8 49hSGx9Z6t1S8rJajCxnNMyvG5VRQoxf713zO0E29jlVYPRhtDOndbdzq8d/rjk0 9d3Q/yQ7qOJnBNzhos4jREZHh8255ranxP9YSGJOlqwZ613ZDguYYii3kmZBNO32 OdynpM2CJa7QYrha5uLoGFynvfyR24tM2LgPqVGtFH7zmA6ZaEeg0TF10h3c7MnU DzmdUX8F+zPYnX3z450QUq705otofXFj9uJcprr4iiGEp6nsEsbkNxR63XePId3C AuK68oq4O9IzzB4bIHfmCtkta3I+KKxeKgJkWKVP+6Z4HwM0pYNNq4Rh87NcYa9X jyF6AacMiRokqk2jWASBkGlJ16b8eMEZbYRxficKbfsUI+X/aSG9HN8Xt2A+5M58 U7X8zgCQHz9IEdVuwaG8DatyCBH3ZTLPV9bPrQ9a1TUsSNzdaAaoKPfe2SBxDzm3 Va8gznZMY1iv7zobCJuCg8Pb49h+EO1p0AGO24NgkVNPzxigg5gCDQ7P0sZzqKG1 rRGGOR1QF1WVkJfBAHF/ =9NmM -----END PGP SIGNATURE----- ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug