[KLUG Members] Broadband firewalls.

[Bruce Smith]

As another option for those extremely frugal people: It was noted at the
recent KLUG firewall presentation that people have been buying Pentium
class PC's, more than capable of handling broadband, as cheap as $5 at
the computers sales that come to the fairgrounds ~~monthly.  Those boxes
run IPCop, FloppyFW and other FREE Linux based dedicated firewalls fine.

(I'm not saying anything bad about the NetGear solution, only mentioning
a different choice - I don't know anything about the NetGear box)

As for wireless, the last I heard security is weak.  At my home, I put
my WAP (Wireless Access Point) in it's own subnet on a DMZ (a 3rd NIC)
off my Devil-Linux Linux based firewall to isolate it from my desktops.
(another nice option some firewalls offer is a DMZ for servers/WAPs/etc)


> I just replaced my OpenBSD broadband firewall/gateway with dedicated
> hardware.  I freed up a computer I paid $800 for (three years ago)
> and got one noisy fan out of my office.
> 
> I did have to move my network's stunnel connection point and DNS to
> another machine, but that's OK, my backup server wasn't doing much
> anyway.
> 
> I bought a NetGear MR314, which is not only a cable/DSL modem and
> LAN gateway, but also a wireless access point.  So it replaced both
> the (depreciated) $800 computer and the (still!) $300 Apple Airport
> Base Station.  It cost me $99 plus shipping.
> 
> So far I'm quite happy with it.  Configuration was easy, much easier
> than either OpenBSD or the Airport Base Station, and I'm confident
> about security.


--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------