squirrellydw Posted December 10, 2011 Posted December 10, 2011 I'm thinking of getting a firewall but don't really know what to look for. What would you guys suggest? I'm loking to just protect my home network a little more. Newegg has a crap load but I have no idea what to look for. I should clarify that i'm looking for a firewall not a router and do I really need a firewall?
Johnm Posted December 10, 2011 Posted December 10, 2011 For home use, 99% of the time your home routers built in firewall is more then enough to keep you protected. those only start to fail when you start opening ports or doing silly things like placing your desktop in a DMZ (This would also be an issue with a firewall) There are several reasons to switch to a true hardware firewall. 1 a corporate network. a flimsy little home router just would not suffice for the amount of traffic going through it. 2 greater flexibility/support if you are hosting multiple public/private servers/domains and the firewall acting as or paired with a router would allow better forwarding to such resources on just the ports necessary (web severs/email servers/citrix servers). 3 Remote access. most modern firewalls allow for some sort of secure VPN access to certain internal network resources. 4 network filtering. you could use the firewall for greater filtering of websites your users can get too. although most companies use an internet proxy server to control access/usage. 5 Multiple public IP addressees. In most cases, home routers are not equipped to deal with multiple public IP addresses in the home. they do not have the ability to set up the Vlans to each Computer/Device with a public IP and keep track of the DHCP computers on a shared IP. 6 enhanced security and logging usually. things like Stateful Packet Inspection. this makes sure inbound traffic was actually requested from a PC.
SeeDrs Posted December 10, 2011 Posted December 10, 2011 pfsense.org I've been using that for a few years.
Johnm Posted December 10, 2011 Posted December 10, 2011 Yes, I should mention. For a good firewall. you do not need to "buy" a hardware one. traditioally a firewall was software. a windows or *nix application. now it is usually a very light standalone NIX OS/app in one. on a cheap used pc or atom Pfsense. on an old router DD-WRT tomato
ketiljo Posted December 10, 2011 Posted December 10, 2011 I'm using Pfsense on an old pc with two network cards. It's a freeBSD distro and very easy to setup and use. I started looking for an alternative to the router I got with the fiber line. So the fiber modem is set in bridge mode and pfsense handles routing and firewalling. Much better and more features than the fiber modem. Ketil
Loch Posted December 11, 2011 Posted December 11, 2011 I recommend the Linux/BSD distros. Many work great on old hardware. Only cost is running the computer 24/7 (they may be able to be virtualized but I'm not that adept). Smoothwall, MonoWall, IPCop, pfSense are very nice. If you want more of a complete firewall, server, monitoring appliance, check out Untangle. It requires more modern hardware.
Johnm Posted December 11, 2011 Posted December 11, 2011 If you are going to buy hardware for a pfSense box, the supermucro 1U Atom based servers are pretty nice and power efficient for a 24x7 box. You can also get the bare board and place it into a small mITX case.
dgaschk Posted December 13, 2011 Posted December 13, 2011 I recommend a Buffalo router. It comes with DD-WRT.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.