[ale] Buy vs. build

Rich Faulkner rfaulkner at 34thprs.org
Thu May 5 14:20:26 EDT 2011


http://www.vyatta.com/
Vyatta

Can't tell you a lot about it but has been touted by some as the good
tool for building a DIY router on a budget.

RinL



On Thu, 2011-05-05 at 13:36 -0400, David Hillman wrote:
> Our firewall is close to dead.  My boss wants to buy an expensive
> one.  I think it's better to build.  We had problems extending the old
> firewall, plus it would give us a chance to actually have OpenVPN on
> the firewall box itself.  The trouble is figuring out how to get to a
> working solution that's flexible and affordable.  Should we go with a
> trihomed solution?  Should OpenVPN then listen on all interfaces, or
> just the external one?  How does this all fit in with our Active
> Directory and DNS server?  Can OpenVPN easily deal with Active
> Directory?  How should packets be routed from the VPN connection to
> the internal network and to the DMZ?  Should we go with a powerful
> little box that has iptables on the hardware and something like
> Virtualbox + PHPVirtualbox for everything else?  By the way, we were
> using a Secure Computing box before.
> 
> 
> The AD box can then be virtualized and consolidated inside the one
> physical box.  Our web box (virtualized) and file server box would
> still stay separate.  Then, how do we tie the virtualized AD service
> back into the LAN?  Through the internal network interface via virtual
> switch?  What are the chances of the firewall box failing?  Of course,
> we were thinking of a Mini-ITX board with Intel Atom (no fans) and
> RAID 1 SSD drives.  Are there any good books dealing with issues like
> these?  I can understand buying to save time, but how many headaches
> do you have to put up with down the road
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo




More information about the Ale mailing list