Share your setup for firewall+proxy+antivirus+dns Server

Discussion in 'Business & Enterprise Computing' started by cybermonk, Dec 3, 2012.

  1. Daemon

    Daemon Member

    Joined:
    Jun 27, 2001
    Messages:
    5,471
    Location:
    qld.au
    Try these sites:

    http://www.ubiquitishop.com.au/91_edgemax.products
    http://store.freenet-antennas.com.a...575&osCsid=84un6fe1b4d1dbbf1031un1612e0f4bca6

    I know http://www.wisp.net.au/ will be stocking them as well, but don't have them listed yet.

    Stability will be key and certainly Vyatta and Debian are a good base for this. As long as the benchmarks they've published are accurate it's going to be a great product at an amazing price.
     
  2. samus

    samus Member

    Joined:
    Jun 3, 2002
    Messages:
    1,264
    Location:
    Baulkham Hills, Sydney.
    Any updates OP? Curious to see how you go with this project.
     
  3. SirNemesis

    SirNemesis Member

    Joined:
    Sep 22, 2002
    Messages:
    1,444
    Location:
    Geelong
    Why are people always so keen to build up something? We use Cyberoam everywhere for offices around this size and they've been perfect.

    http://www.cyberoam.com/
     
  4. Slidey

    Slidey Member

    Joined:
    May 5, 2002
    Messages:
    864
    Location:
    Melb
    +1 for cyberoam. Fantastic product and fairly cheap
     
  5. tin

    tin Member

    Joined:
    Jul 31, 2001
    Messages:
    6,420
    Location:
    Narrabri NSW
    Old hardware is free. Free software is free.

    I use Shorewall on Debian personally. I don't go much on the firewall distros. Partly because I find them restrictive, and partly because most of the popular ones have become all-in-one-everything-machines, not firewalls.
     
  6. SirNemesis

    SirNemesis Member

    Joined:
    Sep 22, 2002
    Messages:
    1,444
    Location:
    Geelong
    Old hardware has the potential to be unreliable. Unreliable causes downtime, downtime isn't free.

    I'll stick with the idea of spending a small amount for a hardware device that does all the essentials out of the box :cool:
     
  7. CaptainBlame

    CaptainBlame Member

    Joined:
    Jan 19, 2011
    Messages:
    286
    I know this is pedantic but people should call pfsense its name in full because pf is the name of openbsd's firewall which has been ported to freebsd and mac osx.

    Also I wouldn't call pfsense as a build up from scratch solution, it's pretty much a work out the box solution. Especially when you combine it with an embedded device, it's hard to say its any different to a commercial firewall appliance offering.
     
  8. Rezin

    Rezin Member

    Joined:
    Oct 27, 2002
    Messages:
    9,490
    Do you ever have any issues with the ntop package? Whenever I've run it in the past, it'd last a few hours or a day, then go tits up.
     
  9. mitsimonsta

    mitsimonsta Member

    Joined:
    Aug 21, 2006
    Messages:
    10,996
    Location:
    2161 / 2060
    This times a million. Wow.

    And here I was going to grab a Routerboard to play with.
     
  10. Kataton1c

    Kataton1c Member

    Joined:
    May 1, 2002
    Messages:
    1,466
    Location:
    Adelaide
    For home I use Debian.

    In the DC, use Vyatta and FreeBSD.

    BSD will push a higher number of packets compared and is good for DDoS mitigation and the likes.
     
    Last edited: Dec 23, 2012
  11. Rampage101

    Rampage101 Member

    Joined:
    Jun 27, 2001
    Messages:
    2,034
    Location:
    Country NSW
    New hardware fails as well, it's not somehow immune to problems.


    Posted from Overclockers.com.au App for Android
     
  12. mitsimonsta

    mitsimonsta Member

    Joined:
    Aug 21, 2006
    Messages:
    10,996
    Location:
    2161 / 2060
    Any more news on when the Ubiquity EdgeMax will be available?
     
  13. OP
    OP
    cybermonk

    cybermonk Member

    Joined:
    May 15, 2003
    Messages:
    134
    Location:
    australia
    No, nothing yet from Australian suppliers.:thumbdn:
     
  14. mitsimonsta

    mitsimonsta Member

    Joined:
    Aug 21, 2006
    Messages:
    10,996
    Location:
    2161 / 2060
    Not much shipping activity yet, still early in January I guess.

    I'm pushing my employer to buy a couple for testing. Much cheaper than some of the gear we would otherwise use.
     
  15. Daemon

    Daemon Member

    Joined:
    Jun 27, 2001
    Messages:
    5,471
    Location:
    qld.au
  16. mitsimonsta

    mitsimonsta Member

    Joined:
    Aug 21, 2006
    Messages:
    10,996
    Location:
    2161 / 2060
    Be interesting to see if they can make that date. You would have to think that they would be landing at the end of next week if that is the case.

    I have asked @ubnt about availability but no reply as yet.

    EDIT: Distributor site has the following on the front page:
    Finding the product page shows:
    I'm confuzzled.
     
    Last edited: Jan 16, 2013
  17. drgtr

    drgtr Member

    Joined:
    May 24, 2010
    Messages:
    145
    Pfsense is a great UTM but I heard it doesnt have proxy content filtering?

    You have to SSH in and modify some files?
     
  18. LiNERROR

    LiNERROR Member

    Joined:
    Apr 20, 2004
    Messages:
    129
    Location:
    US
    i'd flip off the router before pfSense. or if it's a combo modem/router, set it to bridge mode/dumb modem mode.
     
  19. samus

    samus Member

    Joined:
    Jun 3, 2002
    Messages:
    1,264
    Location:
    Baulkham Hills, Sydney.
    Nope it does. Install the package and config, and you are good to go.

    Its just Squid and squidguard, or you can use the dansguardian package if you want to. You can also customise you block pages, so your users don't freak out about the weird error message. It also has hvap for anti-virus filtering.

    Can't recommend it enough. Hell i even went the extra useless mile and stuck on an LCD with the LCD module.

    AS Herballizard said above, my pfsense install is actually on a clearbox, i bought one in my other thread. (That takes you the the specific post.) Best and worst 3000 i ever spent. ClearOS sucks, the hardware is great, and pfsense software is even better. Hard lesson to learn.
     
  20. Slidey

    Slidey Member

    Joined:
    May 5, 2002
    Messages:
    864
    Location:
    Melb
    Ive got a N40L Microserver at home with 2 extra NIC's

    Running ESXi with Sophos UTM installed. The 2 NIC's control LAN and WAN and the onboard NIC controls ESXi management and other VM's i install.

    Must say, Really impressed with Sophos (astaro). Highly recommended for home use.
     

Share This Page

Advertisement: