Solved

Unix Firewall Server Software Advise

Posted on 2007-11-16
17
278 Views
Last Modified: 2013-12-04
Looking for a Unix server based software that I can run as a firewall content filtering and monitoring security ... That will be able to work with my network that runs under a Windows 2003 SBS
LOok for a firewall that can do the security for the network but the filewall software is unix based
0
Comment
Question by:finleyproduction
  • 6
  • 5
  • 3
  • +1
17 Comments
 
LVL 38

Expert Comment

by:Philip Elder
ID: 20303295
The best out there, IMNSHO, is OpenBSD with pf.
Good documentation and one of the most secure OSs on the planet.
Philip
0
 
LVL 38

Accepted Solution

by:
Philip Elder earned 250 total points
ID: 20303298
Even better is to upgrade your SBS to SBS 2K3 R2 Premium and run ISA. It is THE most secure platform.

We have client Web farms running behind it that have been protected since 2K3 was available on ISA 2K.

Awesome product ... as an alternative of course! ;)
Philip
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 250 total points
ID: 20303515
OpenBSD is good at access limiting - i.e you pass needed only traffic through.
Content filtering/acceleration can be provided by squid software.
What do you mean by security monitoring? Could be snord IDS but I am not sure if it meets your needs.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 

Author Comment

by:finleyproduction
ID: 20304676
Well basicly all this sounds good and I will look in to some of the products. My network as previously mentioned has this unix box currently acting as a firewall. All traffic pass thought the unix box into my Windows 2003 SBS. The only problem I am having with the current software is that it was customized buy these contracted computer company that installed it. It is designed to scan for viruses and adware etc. It also keeps stats of traffic but I really don't like how its doing this. The squid on it seems to cache the pages which I really don't need. Sence we have a decent internet connection I don't use the proxy part. Accually trying right now to figure out how to turn the caching off and still be able to keep stats and have a secure firewall.

Because this software doesn't seem to work well for us I am looking for alternatives. Even possiableities of putting ISA but I feel we were had by this company that put it in I'am not inclined to spend anymore money for it. I am just looking for alternative and better solutions. Hay guys could you give me web address for these sites.


Thanks
0
 
LVL 62

Expert Comment

by:gheist
ID: 20304821
Post "uname -a" from your current firewall.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 20304837
www.microsoft.com/sbs
www.microsoft.com/isa
We have been supporting Proxy/ISA 2K/2K4 on SBS for a long time now. It is by far the simplest GUI based method of protecting your network.
ISA happens to be one of the most robust edge protection available.
Philip
0
 
LVL 62

Expert Comment

by:gheist
ID: 20304856
Is there UNIX-based ISA available? Is this what you are telling us?
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 20304992
Nope. Offering an alternative as far as our experience on ISA.
Otherwise, OpenBSD with pf + squid if cache is needed will work very will.
The question is, if you are having a hard time with the customized box now, are you planning to put the next box together? Or, are you going to find a company that will actually work with you on a Unix based solution?
Philip
0
 

Author Comment

by:finleyproduction
ID: 20306214
Having hard time customizing software now... Right now exploring other better unix based solutions without cache. Because currnet solutions doen't allow me to remove or stop the squid cache.
0
 

Author Comment

by:finleyproduction
ID: 20306217
How would I do "Post "uname -a" from your current firewall."
0
 
LVL 62

Expert Comment

by:gheist
ID: 20306908
How do you know it is UNIX ?
uname -a command will show you "UNIX" version, so you can get rid of squid.
0
 
LVL 6

Expert Comment

by:bpeterse
ID: 20423790
Sounds like your current solution is a black box to you.  Perhaps before you change anything on the current firewall - if you really want to test how robust a GUI based product is vs. unix - I would suggest leaving the current config intact, building/buying/renting your proposed [gui] solution and put it in place of the current box, same IP and everything.  Then gather metrics on that product and compare.  If you don't like it, you can always put the old [unix] box in its place - if you do like it, turn off the 'black box'.

good luck.
0
 
LVL 62

Expert Comment

by:gheist
ID: 20426166
Please provide names of network software that is BASED ON GUI
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22859064
Untangle ... is Linux based and free at the base level.
www.untangle.com
Philip
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22859067
Oh ... and it is GUI based.
Philip
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IIS 7.5 to 8.0 6 108
How can I migrate printers individually from SBS 2008 to 2012 foundation 1 43
Certificate Renewal Question 3 47
ESXi VM of Server 2003 Saving Slow. 7 56
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now