Bridging firewall advice and guidance
Posted on 2006-04-04
I would like to implement a firewall device on my network but am unsure what to look for in such a device.
All clients on the network have public routable IP addresses. The main firewall is managed by someone else and I have limited control of it. I manage a subnet of the main network but would like to put a firewall device between my servers and network connection. There is a small budget for this project so an open source Linux project might be best. The network is relatively low traffic so will not need to handle thousands of connections.
I have read about bridging firewalls, which seem to offer the functionality I need, i.e. can be placed inline between a server and switch or the main network feed and the switch connecting the servers. Changing network addressing is not an option.
I have used things like IPCop before and have been really pleased with them. However, they all seem to implement NAT and you have to use private IP addresses for your local network. Ideally I would like something with VPN and IDS capabilities built in; web caching isn't needed.
Can anyone recommend any projects or products? Do any managed switches offer these features?