ask a geek for shopping advice and that shall be the start of a wikipedia article On 04/08/2009, Odhiambo ワシントン <odhiambo@gmail.com> wrote:
2009/8/4 Joe Murithi Njeru <joe.njeru@gmail.com>
Hi Odhiambo,
IPS stands for Intrusion Prevention System.
Nice. I thought Investment Promotional Services ;-) You should have used IDS/IPS since you need to detect/prevent, or?
The dual links provide redundancy should 1 provider be down. Typically the two links will be: an ADSL/3G link. a Fibre/Wireless link.
Content filtering involves blocking facebook, XXX sites plus whatever they require blocked.
A FreeBSD box would easily address your problem, moreso if you can use PF and craft good rules for it to do the load balancing. PFSense would have been handy for this, given the GUI, but I am not sure how easily you'll get to install the other applications required, given that I have never used PFSense beyond running it from the CD. I have once played with PF and load balancing of two links sometimes back but crashed that disk (it was a SCSI one) and cannot recover it. I have taken some time to try and remember how it went then, even the PF.conf that I believed I shared on the net but cannot locate it using google. The closest I've come to implementing the load balancing portion of this is * http://tinyurl.com/mkopb7*. Ignore as much as you are willing to and delve down to the PF rules. They should work well with FreeBSD 7.x if that is what you decide to use. Once you bag that, the rest is damn easy: For content Filtering - Use transparent proxy with Squid and Dansguardian (squid from ports, Dansguardian by hand!) For IDS/IPS - Snort+ACID+MySQL (easy to install from the ports) For VPN - use mpd5 from the ports.
Looking at all this, one whole day and you are up and running with FreeBSD:-)
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube
-- with Regards: Find out how you can own your own TFT T.V. at a fraction of the cost on my blog: http://gramware.blogspot.com