[CentOS] [OT] Corporate Firewall

Ajay Sharma ssharma at revsharecorp.com
Thu Nov 10 07:23:59 UTC 2005


The company I work for is in the market for a new firewall.  Right now 
we're hosting all of our own stuff (on CentOS servers) behind an old 
checkpoint firewall.

I think Checkpoint is overkill for our needs and very expensive, plus I 
don't like the "per-user" charges of some commercial solutions.  What do 
you guys suggest that we upgrade to?  Here are some of the features that 
I would like:

1) decent gui, either web based or a local client

2) usage graphs based on protocol.  So if our tiny T1 is saturated, I 
want to be able to find out what's eating up the bandwidth

3) VPN-friendly for a couple of road-warriors.  There won't be any 
remote offices so no server-to-server setups, just remote clients.

4) we have a DMZ and about 30 machines on the local network.  Everyone 
has a "normal" IP address, meaning that no one is behind NAT.  So it 
needs to handle this (which is pretty basic stuff)

5) high-availablity.  So if I buy two machines, one can successfully die 
and the other take over.

6) no per-user charges.  If the company hires a dozen people next year, 
we shouldn't have to "upgrade" our license.

Right now we're looking at some open-source stuff like pfsense, 
m0n0wall, etc...  But I'm totally open to an affordable commercial 
firewall appliance.

Thanks for you help.


More information about the CentOS mailing list