 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Jerry Feldman wrote:
>
> At the last BLU meeting, someone mentioned an inexpensive self-contained
> firewall product as an alternative to using a firewall in a linux box
> which may be used for other purposes.
Why, that would be me! :-)
> I forgot the name. Could someone please post a URL for that product.
Here's a repost of the message I sent to the list after the meeting.
-- Jerry Callen
============================================================================
At last night's meeting the topic of firewall appliances came up, and
I offered to send some information to the discussion list about the
ones I have investigated. Here is a list of the products I am aware of,
with a little commentary about them. Note that the only product I have
actual experience with is SonicWALL; perhaps some readers may have
experience other products and can add to my sketchy comments.
- SonicWALL
Sonic Systems
www.sonicsys.com
Hardware gizmo about the size of a hublet. Two RJ45s: one to the Internet,
the other to the internal network. Configured via a Java-enabled browser on
the internal network. Can act as a DHCP client to the Internet, DHCP server
to the internal network. Allows inbound connection requests to be directed
to a specific internal host on a per-port basis. Can log "knob turners" and
send the log to an email address or a SYSLOG port on the internal network.
Implementation uses stateful packet inspection; not all protocols supported
(such as NetMeeting, some tunnelling protocols). Can be upgraded (firmware
change) to support VPNs/IPsec.
Cost: about $400 for the low-end unit (which I have).
- Instant Internet
Nortel Networks (part of BayNetworks?)
www2.nortelnetworks.com/products/Instant/iibrochure.html
Similar to SonicWALL.
- Netopia R9100 Ethernet Router
Netopia
www.netopia.com/hardware/leasedline/r9100.html
Similar to SonicWALL, but also includes an 8-port hublet.
- GNAT box
Global Technology Associates
www.gnatbox.com
Software solution; it's basically a pre-configured Linux on a single
floppy that you boot directly. Free download if you want to try it out.
I've had my SonicWALL for about two months. It was dead-up simple to
install and get working with MediaOne; I got it working on my internal
network and did the basic configuration, then called MediaOne and gave
them the new MAC address, and I was up and running. My internal network
has Linux, Windows 98 and Macintosh clients; they all work fine.
-- Jerry Callen Mobile: 617-388-3990
Narsil FAX: 617-876-5331
63 Orchard Street email: jcallen at narsil.com
Cambridge, MA 02140-1328
PGP public keys available from:
http://www.nai.com/products/security/public_keys/lookup_key.asp
fingerprints:
DH/DSS key ID 0x1806252C: 7669 A4CD 759A 6EB7 AF04
C10D B659 2A4B 1806 252C
RSA key ID 0x99F7AAE5: D265 DC9C 13FD 6110
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
