Manufacturing Information Solutions Forum Index Manufacturing Information Solutions
Your Place for Support and Discussions
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Protect Your Network With an Open-Source Firewall

 
Post new topic   Reply to topic    Manufacturing Information Solutions Forum Index -> Miscellaneous Software
View previous topic :: View next topic  
Author Message
mistux
Site Admin


Joined: 25 Jun 2004
Posts: 1042
Location: South Bend, Indiana USA

PostPosted: Thu Jan 07, 2010 4:23 pm    Post subject: Protect Your Network With an Open-Source Firewall Reply with quote

Protect Your Network With an Open-Source Firewall
When you need a robust firewall on a non-existent budget, here is an easy solution.
Michael Scalisi, PC World
PC World
Friday, September 11, 2009 1:19 AM

http://www.washingtonpost.com/wp-dyn/content/article/2009/09/10/AR2009091003938.html

It's the rare IT person who doesn't sometimes run into a situation where they are helping a client or organization who has more IT needs than budget. Often it's the rule and not the exception. If you ever find yourself in a situation where you need a decently robust and full featured firewall and have a budget approaching zero, I have just the solution for you: SmoothWall Express.

SmoothWall Express 3.0 is an open source GNU/Linux firewall which is security-hardened and freely downloadable. By design, it has minimal hardware requirements and a small footprint. It should work with nearly any Pentium class computer with at least 128MB of RAM and a hard disk with a capacity of 2GB or greater. It'll likely work with that PC you have sitting in your closet that you've been too lazy to recycle. You'll want to have at least two network cards installed for basic use, and three or more if you want to have a DMZ or incorporate a wireless network. Keep in mind though, that your firewall's reliability is limited by the hardware on which it's installed.

Don't worry if you don't know much about Linux. Though the geeky can get down and dirty at the command line, SmoothWall is very easy to install and configure. It's meant to be managed via an integrated web interface, so it's appropriate to run it headless.

To install, first download the 81MB ISO file and burn it to a CD. For those in need of disk burning software, I'm a big fan of IMGBurn.

Then boot your system to the CD and run the installer which will wipe your hard disk and install SmoothWall Express. Just accepting the defaults will lead you to a good starting place. The first "hard" question you'll be asked is what you want the default security policy to be for outgoing requests.

The default is Half-Open which permits most outgoing traffic except for that which is potentially harmful. You may also choose Open which doesn't limit outgoing traffic at all, or Closed which requires that you later explicitly configure what traffic is permitted.

You'll then need to choose how you want to configure your network interfaces. Your interfaces will be Green, Red, Orange, or Purple.

The Green interface is your trusted LAN. Red is the evil and dangerous Internet. Orange is your DMZ, and Purple is your wireless LAN.

Next you choose which network card will be assigned to each role. SmoothWall will probe for and automatically detect most cards. You'll need to specify IP configuration and optionally DNS and Gateway settings.

Additional items that may be configured are Web Proxy, ISDN configuration, ADSL configuration, and DHCP configuration.

Lastly, you'll need to set a Web interface password and a root password for command line access.

You're done with setup! I told you it was easy.

From here, you can leave your "Smoothie" as is and it's a fully functional firewall.

However, the most in-depth features are only configurable through the Web GUI. To get to the Web configuration page, point your browser to https://SmoothWallGreenAddress:441 and enter the admin password you configured earlier.

One thing that may surprise you is that for a free-product that's easy to configure, SmoothWall is remarkably full featured.

SmoothWall offers a number of capabilities, including: Proxy Servers, IDS, Logging, Traffic Graphs, DHCP, VPN, Dynamic DNS, Port Forwarding, Server Health and Access Control.

It also provides an interface for backing up and restoring your configuration, so when that Pentium II finally kicks the bucket, you can quickly get your SmoothWall firewall back up and running again.

What's the catch? Well, SmoothWall Express is limited to a single CPU and 1GB of RAM, but that's not likely to be an issue for even a couple hundred users. The real limitation is the lack of support. While there's a robust user community, you're mostly on your own with this. Of course, not surprisingly, there are a number of paid and supported products sold by the commercial arm of Smoothwall.

Michael Scalisi is an IT manager based in Alameda, California.
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    Manufacturing Information Solutions Forum Index -> Miscellaneous Software All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group