  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 672

Firewall for home

I would like some advice on whether to go with ipcop 2.0 or use an ASA 5505 for my firewall at home. I have a satellite connection 1.5mps that I use for internet connection. I would like to be able to monitor traffic and of course keep people out. My network will consist of a Direcway 9000 for internet connection, a Cisco E4200 wireless router, then either the ipcop or Cisco ASA5505. This is what I will use on the network: 2 laptops, 2 iPads and a desktop PC. I have some understanding of networking but a long way to go. I have used the previous version of ipcop and liked how it showed the connections (incoming and outgoing). On the Cisco 5505 I have used the GUI, but I don't know how to see the incoming and outgoing traffic. I also don't know the CLI. So any advice for me would be most gracious. I am looking for why one may be a better solution than the other. The Cisco ASA5505 has 1GB of memory and the ipcop will be a P4 with 1Gb of memory.
0
catndahat
1 Solution
 
klodefactor Commented:
IPCop is fine, and the P4 is more than enough to handle the traffic.  Myself,  I use m0n0wall (http://m0n0.ch/) for PC-based firewalls.  Like most such firewall software, it provides connection logging so you can monitor what's going through your firewall.  pfsense (http://www.pfsense.org/) is based on m0n0wall and is similarly good.

I haven't enjoyed using the Cisco ASA line of products for corporate use, preferring CheckPoint instead.  ASA may suffice for home use but with open source tools like IPCop/m0n0wall/pfsense, the cost is hard to justify if you have an old PC lying around.  Even if space/noise/heat/power are an issue, you can purchase embedded form-factor PCs that run e.g. m0n0wall (http://www.applianceshop.eu/index.php/firewalls/opnwall/desktop-editions.html) for roughly $300.  That's much less than the cost of an ASA 5505.

By the way, I think you're saying your network will look like this:
Direcway 9000  ---  Cisco E4200  ---  Firewall  ---  LAN
Depending on your security requirements, this may also be suitable:
Direcway 9000  ---  Firewall  ---  Cisco E4200
                       |
                       \---  LAN
In other words you use three separate NICs on the firewall, so each element is on its own network.  This lets you use your firewall for things like VPN and/or captive portal for wifi connections, adding to the security already provided by e.g. WPA2.

--klodefactor
0
 
jmeggers (Sr. Network and Security Engineer) Commented:
I use a  5505 at home and am happy with it, but I've never really tried anything else.  There are some limitations in the ASA (no PBR, no outside load-balancing of ISP connections) but so far none of those apply to my situation.
0
 
catndahat (Author) Commented:
Hey thanks for the response and other suggestions. I will try the m0n0wall and see if I like it.
0
