[CentOS] [OT] Corporate Firewall

Thu Nov 10 13:31:26 UTC 2005
Kai Schaetzl <maillists at conactive.com>

Ajay Sharma wrote on Wed, 09 Nov 2005 23:23:59 -0800:

> Right now we're looking at some open-source stuff like pfsense, 
> m0n0wall, etc...  But I'm totally open to an affordable commercial 
> firewall appliance.

I suggest taking a look at the Snapgear devices, now bought by Cyberguard 
(-> www.snapgear.com). They deliver excellent value for the money. When I 
bought mine about three years ago or so it was the only device under $1000 
where you could switch off NAT and enable transparent/bridged routing of 
public IP addresses. I don't know if it still is. They actively maintain 
the firmware (an embedded Linux version) and just delivered a completely 
rewritten interface, new kernel and much more functionality. The one thing 
from your list which is missing is traffic graphing, however, you can add 
this with ntop on one of your machines.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org