LINUX PROXY/FIREWALL AS AN ALTERNATIVE TO WINDOWS
Hello All I am currently using a microsoft firewall for a corporate Lan.however of late this firewall misbehaves and brings major downtimes. Am talking about Microsoft TMG Am looking at something that can do 1) Proxy Services eg browsing,Reverse proxy etc 2) SMTP 3) Web Publishing 4) Firewall I have searched and i have gotten the following alternatives 1) ClearOS 2) Ipcop 3) Endian 4) Pfsense I may have left others My questions are 1)Which would you advise to be good in terms of Functionality 2) Can they be configured in a cluster mode 3) support ,how is it? I would really appreciate any feedback Regards Cynthia
pfsense On 14 February 2013 11:39, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Hello All I am currently using a microsoft firewall for a corporate Lan.however of late this firewall misbehaves and brings major downtimes. Am talking about Microsoft TMG Am looking at something that can do 1) Proxy Services eg browsing,Reverse proxy etc 2) SMTP 3) Web Publishing 4) Firewall
I have searched and i have gotten the following alternatives 1) ClearOS 2) Ipcop 3) Endian 4) Pfsense
I may have left others
My questions are 1)Which would you advise to be good in terms of Functionality 2) Can they be configured in a cluster mode 3) support ,how is it?
I would really appreciate any feedback
Regards Cynthia
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
All are very good and perfect, what matters is how you configure them and deploy - and what is easy for you! Go in a virtual machine and test and make a decision. ./Ok3ch On Thu, Feb 14, 2013 at 11:44 AM, mash lists <mashlists@gmail.com> wrote:
pfsense
On 14 February 2013 11:39, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Hello All I am currently using a microsoft firewall for a corporate Lan.however of late this firewall misbehaves and brings major downtimes. Am talking about Microsoft TMG Am looking at something that can do 1) Proxy Services eg browsing,Reverse proxy etc 2) SMTP 3) Web Publishing 4) Firewall
I have searched and i have gotten the following alternatives 1) ClearOS 2) Ipcop 3) Endian 4) Pfsense
I may have left others
My questions are 1)Which would you advise to be good in terms of Functionality 2) Can they be configured in a cluster mode 3) support ,how is it?
I would really appreciate any feedback
Regards Cynthia
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
I would advocate for a locally customized solution. Centos+Squid+Apache+Postfix+Iptables+Snort+Webmin will give you a perfect solution. Most ready made solutions out there are so closed and stripped. ---- Kind Regards, Alex Nyalita On Thu, Feb 14, 2013 at 11:46 AM, Okechukwu <okechukwu@gmail.com> wrote:
All are very good and perfect, what matters is how you configure them and deploy - and what is easy for you! Go in a virtual machine and test and make a decision.
./Ok3ch
On Thu, Feb 14, 2013 at 11:44 AM, mash lists <mashlists@gmail.com> wrote:
pfsense
On 14 February 2013 11:39, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Hello All I am currently using a microsoft firewall for a corporate Lan.however of late this firewall misbehaves and brings major downtimes. Am talking about Microsoft TMG Am looking at something that can do 1) Proxy Services eg browsing,Reverse proxy etc 2) SMTP 3) Web Publishing 4) Firewall
I have searched and i have gotten the following alternatives 1) ClearOS 2) Ipcop 3) Endian 4) Pfsense
I may have left others
My questions are 1)Which would you advise to be good in terms of Functionality 2) Can they be configured in a cluster mode 3) support ,how is it?
I would really appreciate any feedback
Regards Cynthia
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Thank you all for your advice
I would advocate for a locally customized solution. Centos+Squid+Apache+Postfix+Iptables+Snort+Webmin will give you a perfect solution.
Most ready made solutions out there are so closed and stripped.
----
Kind Regards,
Alex Nyalita
On Thu, Feb 14, 2013 at 11:46 AM, Okechukwu <okechukwu@gmail.com> wrote:
All are very good and perfect, what matters is how you configure them and deploy - and what is easy for you! Go in a virtual machine and test and make a decision.
./Ok3ch
On Thu, Feb 14, 2013 at 11:44 AM, mash lists <mashlists@gmail.com> wrote:
pfsense
On 14 February 2013 11:39, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Hello All I am currently using a microsoft firewall for a corporate Lan.however
of
late this firewall misbehaves and brings major downtimes. Am talking about Microsoft TMG Am looking at something that can do 1) Proxy Services eg browsing,Reverse proxy etc 2) SMTP 3) Web Publishing 4) Firewall
I have searched and i have gotten the following alternatives 1) ClearOS 2) Ipcop 3) Endian 4) Pfsense
I may have left others
My questions are 1)Which would you advise to be good in terms of Functionality 2) Can they be configured in a cluster mode 3) support ,how is it?
I would really appreciate any feedback
Regards Cynthia
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Hi nyalita, Pfsense used for last 5years,simple to install,and administor.Combine it with Untangle both opensource,and all your users will be at your mercy...just kidding.but they are stable,so long as you clear the logs which tend o slow them down due to your filtering rules. Mnawe On Thu, Feb 14, 2013 at 1:45 PM, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Thank you all for your advice
I would advocate for a locally customized solution. Centos+Squid+Apache+Postfix+Iptables+Snort+Webmin will give you a perfect solution.
Most ready made solutions out there are so closed and stripped.
----
Kind Regards,
Alex Nyalita
On Thu, Feb 14, 2013 at 11:46 AM, Okechukwu <okechukwu@gmail.com> wrote:
All are very good and perfect, what matters is how you configure them and deploy - and what is easy for you! Go in a virtual machine and test and make a decision.
./Ok3ch
On Thu, Feb 14, 2013 at 11:44 AM, mash lists <mashlists@gmail.com> wrote:
pfsense
On 14 February 2013 11:39, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Hello All I am currently using a microsoft firewall for a corporate Lan.however
of
late this firewall misbehaves and brings major downtimes. Am talking about Microsoft TMG Am looking at something that can do 1) Proxy Services eg browsing,Reverse proxy etc 2) SMTP 3) Web Publishing 4) Firewall
I have searched and i have gotten the following alternatives 1) ClearOS 2) Ipcop 3) Endian 4) Pfsense
I may have left others
My questions are 1)Which would you advise to be good in terms of Functionality 2) Can they be configured in a cluster mode 3) support ,how is it?
I would really appreciate any feedback
Regards Cynthia
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
sorry..nyalita that was for cynthia.. On Thu, Feb 14, 2013 at 2:13 PM, Moses Mnawe <mosechizi@gmail.com> wrote:
Hi nyalita,
Pfsense used for last 5years,simple to install,and administor.Combine it with Untangle both opensource,and all your users will be at your mercy...just kidding.but they are stable,so long as you clear the logs which tend o slow them down due to your filtering rules.
Mnawe
On Thu, Feb 14, 2013 at 1:45 PM, Cynthia Wahome <cwahome@jambo.co.ke>wrote:
Thank you all for your advice
I would advocate for a locally customized solution. Centos+Squid+Apache+Postfix+Iptables+Snort+Webmin will give you a perfect solution.
Most ready made solutions out there are so closed and stripped.
----
Kind Regards,
Alex Nyalita
On Thu, Feb 14, 2013 at 11:46 AM, Okechukwu <okechukwu@gmail.com> wrote:
All are very good and perfect, what matters is how you configure them and deploy - and what is easy for you! Go in a virtual machine and test and make a decision.
./Ok3ch
On Thu, Feb 14, 2013 at 11:44 AM, mash lists <mashlists@gmail.com> wrote:
pfsense
On 14 February 2013 11:39, Cynthia Wahome <cwahome@jambo.co.ke> wrote:
Hello All I am currently using a microsoft firewall for a corporate
Lan.however of
late this firewall misbehaves and brings major downtimes. Am talking about Microsoft TMG Am looking at something that can do 1) Proxy Services eg browsing,Reverse proxy etc 2) SMTP 3) Web Publishing 4) Firewall
I have searched and i have gotten the following alternatives 1) ClearOS 2) Ipcop 3) Endian 4) Pfsense
I may have left others
My questions are 1)Which would you advise to be good in terms of Functionality 2) Can they be configured in a cluster mode 3) support ,how is it?
I would really appreciate any feedback
Regards Cynthia
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Good day. Tested all the above.... Endian Community came out on top due to six reasons. 1. browser based configuration and administration 2. Active Directory Authentication 3. Rule based web filtering 4. Snort for IDS (Optional) 5. Graphs and reports on the fly (No additional plugins) 6. Active Knowledge Base / Forum One thing though... after setup your NIC designations may get reversed... funny bug. Also the latest edition doesn't support RAID disks.. switched to an older PC, (2GB RAM, 80GB HDD IDE) and i was sorted. Periodically you will need to clear logs (or not configure logging at all, depending on your needs) Still using it on two sites. ./Sam On Thu, Feb 14, 2013 at 2:14 PM, Moses Mnawe <mosechizi@gmail.com> wrote:
sorry..nyalita that was for cynthia..
On Thu, Feb 14, 2013 at 2:13 PM, Moses Mnawe <mosechizi@gmail.com> wrote:
Hi nyalita,
Pfsense used for last 5years,simple to install,and administor.Combine it with Untangle both opensource,and all your users will be at your mercy...just kidding.but they are stable,so long as you clear the logs which tend o slow them down due to your filtering rules.
Mnawe
On Thu, Feb 14, 2013 at 1:45 PM, Cynthia Wahome <cwahome@jambo.co.ke>wrote:
Thank you all for your advice
I would advocate for a locally customized solution. Centos+Squid+Apache+Postfix+Iptables+Snort+Webmin will give you a perfect solution.
Most ready made solutions out there are so closed and stripped.
----
Kind Regards,
Alex Nyalita
On Thu, Feb 14, 2013 at 11:46 AM, Okechukwu <okechukwu@gmail.com> wrote:
All are very good and perfect, what matters is how you configure them and deploy - and what is easy for you! Go in a virtual machine and test and make a decision.
./Ok3ch
On Thu, Feb 14, 2013 at 11:44 AM, mash lists <mashlists@gmail.com> wrote:
pfsense
On 14 February 2013 11:39, Cynthia Wahome <cwahome@jambo.co.ke> wrote: > > Hello All > I am currently using a microsoft firewall for a corporate Lan.however of > late this firewall misbehaves and brings major downtimes. > Am talking about Microsoft TMG > Am looking at something that can do > 1) Proxy Services eg browsing,Reverse proxy etc > 2) SMTP > 3) Web Publishing > 4) Firewall > > I have searched and i have gotten the following alternatives > 1) ClearOS > 2) Ipcop > 3) Endian > 4) Pfsense > > I may have left others > > My questions are > 1)Which would you advise to be good in terms of Functionality > 2) Can they be configured in a cluster mode > 3) support ,how is it? > > I would really appreciate any feedback > > Regards > Cynthia > > > _______________________________________________ > skunkworks mailing list > skunkworks@lists.my.co.ke > ------------ > List info, subscribe/unsubscribe > http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks > ------------ > > Skunkworks Rules > http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 > ------------ > Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Consider cyberoam On Feb 14, 2013 11:38 AM, "Cynthia Wahome" <cwahome@jambo.co.ke> wrote:
Hello All I am currently using a microsoft firewall for a corporate Lan.however of late this firewall misbehaves and brings major downtimes. Am talking about Microsoft TMG Am looking at something that can do 1) Proxy Services eg browsing,Reverse proxy etc 2) SMTP 3) Web Publishing 4) Firewall
I have searched and i have gotten the following alternatives 1) ClearOS 2) Ipcop 3) Endian 4) Pfsense
I may have left others
My questions are 1)Which would you advise to be good in terms of Functionality 2) Can they be configured in a cluster mode 3) support ,how is it?
I would really appreciate any feedback
Regards Cynthia
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
participants (7)
-
Alex Nyalita -
Cynthia Wahome -
mash lists -
Moses Mnawe -
mwei gideon -
Okechukwu -
Samuel Wachira