[KLUG Members] re: A plea for firewall ideas

[Mike Williams]

>
> Subject:
> [KLUG Members] A plea for firewall ideas
> From:
> Adam Bultman <adamb at glaven.org>
>
>
> Hello everyone.  This is a plea.
>
> At work, we are going to be upgrading our firewalls to a new system, 
> as yet undecided.  We are in the final stages of deciding exactly what 
> we'll be using for firewalls very soon.
>
>
Two words:  Astaro Linux.  http://www.astaro.com/  It's a heavily 
customized firewall-only distribution, and the best I've ever seen.  Its 
cost starts at $390 for commercial use, and you need a little more 
hardware to throw at it than Smoothwall or something, but it's 
definitely worth it.  Completely web manageable, (although you can ssh 
in if you need to), supports several types of VPN tunnel, serves DNS, 
DHCP, web caching, intrusion protection, content filtering, SNMP, ICMP 
forwarding or dropping, and basically anything else you'd ever want a 
firewall to do.  As an example of the attention to detail that Astaro 
puts into their product, every single process that the box runs is 
chrooted.  I run one at home (it's free for non-commercial use) that 
serves my 256K DSL from an old K6/2 500.  The web management interface 
is sometimes a little slow, but I've never seen any problems with it, 
and the system load graphs are nice and low.

You can download a free 30-day trial from their website.