Don's Pages and my Music

Tuesday, December 8, 2009

DIY pfSense firewall system beats others for features, reliability, and security | Linux and Open Source | TechRepublic.com

DIY pfSense firewall system beats others for features, reliability, and security

  • Date: December 7th, 2009
  • Author: Vincent Danen

Vincent Danen lists the benefits of using the do-it-yourself pfSense firewall system over some of the readily available firewall appliances from Linksys and D-Link.

—————————————————————————————

With the prevalence of “black box” appliance firewalls available for $50 or less, one might wonder why you would look for a do-it-yourself solution. Linksys and D-Link, among other vendors, create simple and easy to configure firewall solutions for cheap. And let’s face it, a firewall isn’t something you can choose to use anymore; a firewall is your first line of defense, and a critical one at that.

So where is the appeal of creating your own firewall system? Take a look at some of the many extra features available in a do-it-yourself firewall. While such a firewall system would be self-contained, require a fair amount of storage, run on over-powered hardware, and consume more electricity than a simple appliance, the benefits still far outweigh the drawbacks.

For one, there is a higher degree of reliability. Running on a full computer system makes it infinitely upgradeable. It can be extended to do more than just shuffle packets back and forth. You can turn a simple firewall into a full intrusion detection system. You can analyze and track bandwidth usage. It can be a VPN end point, a Web proxy, DHCP and DNS server, load balancer, handle automatic failover, and provide great diagnostic tools.

pfSense, a firewall system based on the FreeBSD kernel, can handle all of this and more. All wrapped up in a slick Web interface, it can also be controlled via the command line directly, via SSH or even over a serial port. Have some old hardware kicking around? pfSense can run on anything over a 100MHz Pentium system with 128MB of RAM. It can run without a hard drive: via an install-less Live CD with a USB or floppy drive to hold its configuration, or even run entirely on a 128MB compact flash card. This makes pfSense extremely versatile.

Read more...
http://blogs.techrepublic.com.com/opensource/?p=1110

pfSense Web Site...
http://www.pfsense.org/

Don

No comments:

Post a Comment