[BlueOnyx:04831] Re: Firewall for Datacenter
Stephanie Sullivan
ses at aviaweb.com
Mon Jun 28 15:56:36 -05 2010
> -----Original Message-----
> From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-
> bounces at blueonyx.it] On Behalf Of Gerald Waugh
> Sent: Monday, June 28, 2010 2:14 PM
> To: BlueOnyx General Mailing List
> Cc: coba-e
> Subject: [BlueOnyx:04815] Firewall for Datacenter
>
> Please excuse the crosspost
>
> We have a number of servers on a Class C network in a data center and
> would like to install a Linux firewall.
> TOPOLOGY AS BELOW.
>
> INTERNET
> |
> ROUTER
> |
> FIREWALL
> |
> SWITCH
> |
> SERVERS
>
> I have looked at using bridged firewall, as we do not need/want NAT.
> So far mixed results and can't seem to find one that includes a GUI.
>
> Any suggestions?
>
> Gerald
IP tables on linux can be a very effective firewall. I use them on my
servers to wonderful effect.
I have many clients with Watchguard firewalls. They handle attacks and
autoblacklisting well. Can provide very effective first level spam
filtering. They have a very nice gui interface and nice VPN capabilities.
The logging and reporting are also useful for figuring out problems and
usage.
Not inexpensive but my clients have been very happy and so have I with very
few problems. One client, saturating a connection with 3 bonded T1's started
running into performance issues with 3 instances of virus scanning http
proxies and a heavily used email proxy. This was a older (like 2 generations
of product lines ago) and a low end model. So it's a lot more than a
freeware but the results were peace of mind. Well, relatively.
So, there's my happy story...
-Stephanie
More information about the Blueonyx
mailing list