Smoothwall, ClarkConnect or home rolled firewall/proxy/VPN server ?

OK, as per thread title I am curious about your thoughts on Smoothwall v ClarkConnect.

At present we run a Smoothwall Corporate 3 server, primarily as a combined firewall and VPN server for 20 remote workers and one site-to-site link. It's a long time past its sell-by date, so I need to replace it.

I've been playing around with a Ubuntu Linux based-home rolled counterpart and I am happy with it to the point where I'd be prepared to roll it out - currently it can handle the firewall side of things with aplomb, the VPN tunnels and it can also do proxy/content filtering/logging and other nonsense.

Ordinarily I'd rather have a separate proxy/content filter in a box sitting behind the firewall, but in this case that won't be an option.

Trouble is, whatever solution I put in place I need to know that whoever follows along behind me can pick it up.

That leads me back to a commercially available GUI driven product a la Smoothwall or ClarkConnect - most of the lower end security appliances won't be as cost effective if we take the VPN tunnel requirements into account.

So, thoughts on the comparative merits or possible alternatives would be appreciated.
Who is Participating?
bevhostConnect With a Mentor Commented:
It's been a really long time since I evaluated these, but at the time I decided to stick with SME Server from,  which has a lot more features and doesn't require any licenses.
If by VPN you mean PPTP remote access rather than LAN to LAN IPSEC style then SME server is nice and easy to set up.  It will also operate as the email server and file server with public/private access controls for it's 'Information Bays'.  
CopyleftAuthor Commented:
Thanks for the input.

I should have explained that we are using L2TP/IPSEC, hence I went for a Ubuntu/DansGuardian/OpenSwan solution to play with.

Our site to site and remote worker tunnels are all L2TP/IPSEC and I don't want to change that.

I will take a closer look at SME Server - I played with an earlier version some time ago and was not too keen back then, but now...
Doesn't sound SME server is for you.
What is your motivation for wanting to change ?
WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

CopyleftAuthor Commented:
Smoothwall Corporate 3 is years old now and, although still capable in its own right, I'd like to implement proxy and content control, and inline AV scanning. Possibly even mail relay.

I'm happy enought o go to the latest Smoothwall 2008 (a jump of several versions) but the interface is different and network and other vital system settings are not directly available for export/import during an upgrade.

I figure if I have to start manually configuring a whole lot of stuff on a brand new box I should really look at which product it makes more sense to tinker with.

Smoothwall is currently a very strong contender with the additional modules to run the functions I'd like to have, but I'm open to alternatives.
Casey HermanConnect With a Mentor Citrix EngineerCommented:
I have been pleased with CC. I have been running it for about 2 years and it is very stable.  Very maintenance free.  Using it for DNS, antivirus, and file storage at home.  Has a lot of features a good gui for non techies.

CopyleftAuthor Commented:
Split the points according to how useful the comments were
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.