[ale] Trustix Enterprise Firewall's License
runman
runman at speedfactory.net
Sun Jul 23 10:57:21 EDT 2006
Does anyone have any experience with this product ? and if so, what kind of
license does it have ? It seems that Trustix Secure Linux is a distro (free
under the GPL), but the Enterprise Firewall is a commercial product
requiring a license. I searched the forums and it seems that the license is
good for only a year and the "free" version will only support one group of
IP addresses or "zone". I noticed that the key requires your MAC address
also. Does anyone have any comments/thoughts/advice on a multi-interfaced
firewall product that can connect to pppoe ? Here are the ones I have tried
and my impressions :
Situation : Firewall needs to connect via pppoe to my ISP. I run 2 DMZ's
and a private network in addition to my connection to the Internet for a
total of 4 NICs (interfaces). Needs to handle up to 20 pc's at one time.
Easily upgradeable and easy to run. Will reconnect automatically if
connection dropped.
What I have tried :
Astaro - seems slow and has problems reconnecting after a dropped
connection. Licensed and a commercial product. Hardware requirements seem
excessive for what I have available and what I need done. Interface is
really extensive and complex, but ok if you have time to work your way
through the manual. "Free residential" license limits you to only a few pc
connections at a time. Tries to have "the world" in one distribution, which
explains the hardware requirements.
Smoothwall and IPCOP - seem to have trouble configuring more than 3
interfaces. If there are problems after 2 attempted installs I move on. I
have used both in the past until I grew my network.
m0nowall - runs off a CDROM, more for embedded market it seems. I ran it
for awhile ok. Is my back-up go-to for a quick firewall solution. Can
store config on a floppy (which I still install on all my pcs' as it is all
I need to upgrade in many instances).
pfSense - fork of m0nowall, crappy documentation, possible use of plugins
seems to cater to ignorant masses wanting all sorts of silly
servers/services on a firewall (I just want a stateful packet filter). It's
what I am using now. Uses customized FreeBSD, pf, altq, carp.
OpenBSD - requires some work to set up, is all manual, ppp0e (kernel) is
kinda involved, and I had problems with the userland pppoe. Last benchmark
I saw ranked OpenBSDs' ppp0e last after NetBSD, Linux, and FreeBSD in
matters of speed. However it is installable on everything.
Have not tried : small SOHO embedded products like Cisco or CheckPoint or
others.
- Greg
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.3/395 - Release Date: 7/21/2006
More information about the Ale
mailing list