Solid Firewall on a budget
i always have been a fan and advocate of open source. open source solutions have improved overtime and become as robust and as powerful as their commercial counterparts.
joining prime strategies, network security was only one of too many areas where non-existing infrastructure could use some help. even though firewall, vpn and intrusion detection was not the first priority, after proper server setup and email solution, it wasn’t the last. with solid internal foundation came its turn.
first action was to decide to either invest thousands and thousands of dollars on improving existing bare bone cisco switch or to look into less expensive and possible more robust solution. devil linux caught our eye.
devil linux is a lightweight, strictly command line, gui-less distribution, which comes with other open source tools such as openvpn and shorewall. beauty of it is that it runs from usb flash drive, completely residing in ram and has simple, yet advance protection against bad configuration.
basic hardware client, consisting of 3 network cards (for dmz configuration) 4 gigs of ram and dual core processor – enough to run small to medium size office. there is no need for updates, monitoring and maintenance – it just works.