Re: [PLUG] Firewall choices for a small software development business

K.S. Bhaskar on 4 Jul 2017 07:15:05 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Firewall choices for a small software development business

From: "K.S. Bhaskar" <bhaskar@bhaskars.com>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Firewall choices for a small software development business
Date: Tue, 4 Jul 2017 10:14:58 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to; bh=HBSUWRi7kpxr+GnqqzF8xXKKJj94v+W2rq1AXUaPNCA=; b=h3caRJeAI4UWR3eBaZ5OTklKl+BRAnDdVeIzqM7z/XOmgxNkHyaiahRdvG3356MqfZ qQGYWouqgcRA/sdThuYA5U6uAGGeydvjmT3m8skjjcCsxazxqy2n8JqoWeMUS80kIMcB fmGvAKwGVxIOGMnkysgF1XybfU1pDgTxqzzvA2ixP6bsMwRdJwFOOGahuGYT2Gwt7p4w ZOVmhEgGEi26pImlZytSlJz59IyqphnLmHzub8JB99Rk/FY15TKGdeslMCCN1j13X5Ci 5DM16c1viW8iXUKxbrqZmnvF4fFPfZPMWm1BNnjyKchuKSdcKVutsaZeNCkS1EltC/MJ kUEg==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

Thanks for the comments, advice, and (last but not least) reassurance! After reading the reviews of the box, the one concern I have is this comment from May 17, 2017:

I would have given this 5 stars, but pfsense just announced that "While we’re not revealing the extent of our plans, we do want to give early notice that, in order to support the increased cryptographic loads that we see as part of pfSense verison 2.5, pfSense Community Edition version 2.5 will include a requirement that the CPU supports AES-NI"

This little box has no aes ni capabilities.

Especially a firewall, it seems to me that fixes are important. I don't know what the pfSense track record is with patches, but when pfSense 2.5 comes out, will the older versions continue to receive patches?

-- Bhaskar

On Tue, Jul 4, 2017 at 7:30 AM, Rich Kulawiec <rsk@gsp.org> wrote:

On Mon, Jul 03, 2017 at 02:40:05PM -0400, K.S. Bhaskar wrote:
> This e-mail is to solicit opinions about a firewall.

You really can't do better than OpenBSD/pf. Runs beautifully even
on minimal hardware, has every feature of relevance, quite resilient
even in the face of clueful attack, very customizable, open-source,
peer-reviewed, and exhaustively documented.

---rsk

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] Firewall choices for a small software development business
  - From: "Lee H. Marzke" <lee@marzke.net>
- Re: [PLUG] Firewall choices for a small software development business
  - From: Rich Kulawiec <rsk@gsp.org>

References:
- [PLUG] Firewall choices for a small software development business
  - From: "K.S. Bhaskar" <bhaskar@bhaskars.com>
- Re: [PLUG] Firewall choices for a small software development business
  - From: Rich Kulawiec <rsk@gsp.org>

Prev by Date: Re: [PLUG] Firewall choices for a small software development business
Next by Date: Re: [PLUG] Firewall choices for a small software development business
Previous by thread: Re: [PLUG] Firewall choices for a small software development business
Next by thread: Re: [PLUG] Firewall choices for a small software development business
Index(es):
- Date
- Thread