Educause Security Discussion mailing list archives
Re: *Nix-Based NG Firewalls - Looking for info...
From: Bob Williamson <bob_williamson () AW ORG>
Date: Thu, 3 Jul 2014 17:21:11 +0000
Dan, Have you looked at VM appliances from PaloAlto, fortinet, Watchguard etc? Maybe that is worth looking at? Bob Williamson Network Administrator Annie Wright Schools | 827 N Tacoma Ave, Tacoma, WA 98403 | www.aw.org<http://www.aw.org/> D: 253.272.2216 | F: 253.572.3616 | Bob_Williamson () aw org<mailto:Bob_Williamson () aw org> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Scherck, Daniel Sent: Thursday, July 3, 2014 9:15 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] *Nix-Based NG Firewalls - Looking for info... Hi Folks - We're looking to replace our current firewall setups with something a little more powerful. Currently we run an IPTables based setup. This has performed well for us overall, being fast and simple. However, with the emerging threats coming from both inside and outside, I'm looking at getting something a little more powerful in the lineup. We had already budgeted and purchased replacement servers to simply take the same setup as the current ones on new hardware, but due to some difficulties with implementation and compiling, I'm at the point of looking outside the current setup. So the question is, does anyone out there have good/bad experience with *Nix firewall distros? I'd like to find something that can easily handle around 3000 concurrent users, with a 1 gig WAN pipe, and have integrated IDS/IPS, antivirus, and Layer 7 capability. Just for eval purposes, I have set up ESXi on the new servers, and installed five firewall distros for testing: Endian, IPCop, pfsense, Smoothwall Express, and Untangle (Free). Any other recommendations? Any considerations I might have missed? (I have looked for other discussions in the mail list, but didn't see anything that wasn't centered around the appliance firewalls like Palo Alto, Fortigate and Tipping Point. Since the hardware was already purchased, those are pretty much off the table until next refresh.) Dan Scherck Sr. Network Engineer The Evergreen State College 2700 Evergreen Parkway NW , Olympia, WA 98505 +1-360-867-5383
Current thread:
- *Nix-Based NG Firewalls - Looking for info... Scherck, Daniel (Jul 03)
- Re: *Nix-Based NG Firewalls - Looking for info... Bob Williamson (Jul 03)