• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 588
  • Last Modified:

Smoothwall, ClarkConnect or home rolled firewall/proxy/VPN server ?

OK, as per thread title I am curious about your thoughts on Smoothwall v ClarkConnect.

At present we run a Smoothwall Corporate 3 server, primarily as a combined firewall and VPN server for 20 remote workers and one site-to-site link. It's a long time past its sell-by date, so I need to replace it.

I've been playing around with a Ubuntu Linux based-home rolled counterpart and I am happy with it to the point where I'd be prepared to roll it out - currently it can handle the firewall side of things with aplomb, the VPN tunnels and it can also do proxy/content filtering/logging and other nonsense.

Ordinarily I'd rather have a separate proxy/content filter in a box sitting behind the firewall, but in this case that won't be an option.

Trouble is, whatever solution I put in place I need to know that whoever follows along behind me can pick it up.

That leads me back to a commercially available GUI driven product a la Smoothwall or ClarkConnect - most of the lower end security appliances won't be as cost effective if we take the VPN tunnel requirements into account.

So, thoughts on the comparative merits or possible alternatives would be appreciated.
0
Copyleft
Asked:
Copyleft
  • 3
  • 3
2 Solutions
 
bevhostCommented:
It's been a really long time since I evaluated these, but at the time I decided to stick with SME Server from contibs.org,  which has a lot more features and doesn't require any licenses.
If by VPN you mean PPTP remote access rather than LAN to LAN IPSEC style then SME server is nice and easy to set up.  It will also operate as the email server and file server with public/private access controls for it's 'Information Bays'.  
See
http://wiki.contribs.org/SME_Server:Documentation:User_Manual:Chapter1#VPN_Access
0
 
CopyleftAuthor Commented:
Thanks for the input.

I should have explained that we are using L2TP/IPSEC, hence I went for a Ubuntu/DansGuardian/OpenSwan solution to play with.

Our site to site and remote worker tunnels are all L2TP/IPSEC and I don't want to change that.

I will take a closer look at SME Server - I played with an earlier version some time ago and was not too keen back then, but now...
0
 
bevhostCommented:
Doesn't sound SME server is for you.
What is your motivation for wanting to change ?
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
CopyleftAuthor Commented:
Smoothwall Corporate 3 is years old now and, although still capable in its own right, I'd like to implement proxy and content control, and inline AV scanning. Possibly even mail relay.

I'm happy enought o go to the latest Smoothwall 2008 (a jump of several versions) but the interface is different and network and other vital system settings are not directly available for export/import during an upgrade.

I figure if I have to start manually configuring a whole lot of stuff on a brand new box I should really look at which product it makes more sense to tinker with.

Smoothwall is currently a very strong contender with the additional modules to run the functions I'd like to have, but I'm open to alternatives.
0
 
Casey HermanCitrix EngineerCommented:
I have been pleased with CC. I have been running it for about 2 years and it is very stable.  Very maintenance free.  Using it for DNS, antivirus, and file storage at home.  Has a lot of features a good gui for non techies.

Casey
0
 
CopyleftAuthor Commented:
Split the points according to how useful the comments were
0
 
bevhostCommented:
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now