Educause Security Discussion mailing list archives
*Nix-Based NG Firewalls - Looking for info...
From: "Scherck, Daniel" <scherckd () EVERGREEN EDU>
Date: Thu, 3 Jul 2014 16:14:49 +0000
Hi Folks - We're looking to replace our current firewall setups with something a little more powerful. Currently we run an IPTables based setup. This has performed well for us overall, being fast and simple. However, with the emerging threats coming from both inside and outside, I'm looking at getting something a little more powerful in the lineup. We had already budgeted and purchased replacement servers to simply take the same setup as the current ones on new hardware, but due to some difficulties with implementation and compiling, I'm at the point of looking outside the current setup. So the question is, does anyone out there have good/bad experience with *Nix firewall distros? I'd like to find something that can easily handle around 3000 concurrent users, with a 1 gig WAN pipe, and have integrated IDS/IPS, antivirus, and Layer 7 capability. Just for eval purposes, I have set up ESXi on the new servers, and installed five firewall distros for testing: Endian, IPCop, pfsense, Smoothwall Express, and Untangle (Free). Any other recommendations? Any considerations I might have missed? (I have looked for other discussions in the mail list, but didn't see anything that wasn't centered around the appliance firewalls like Palo Alto, Fortigate and Tipping Point. Since the hardware was already purchased, those are pretty much off the table until next refresh.) Dan Scherck Sr. Network Engineer The Evergreen State College 2700 Evergreen Parkway NW , Olympia, WA 98505 +1-360-867-5383
Current thread:
- *Nix-Based NG Firewalls - Looking for info... Scherck, Daniel (Jul 03)
- Re: *Nix-Based NG Firewalls - Looking for info... Bob Williamson (Jul 03)