5 Best Open Source Firewalls - Page 2

By Carla Schroder
  • Print Article
  • Email Article

This is known as bricking, because the router was about as useful as a brick if this happened. These days you still have to be careful, but it's much safer and easier now. You can flash new firmware via your router's Web interface, so the primary risk is a power interruption. It takes maybe five minutes to flash the new firmware, so if you can keep the lights on that long you're golden.

There are also a number of vendors that have seen the light and, rather than maintaining their own firmware, they install DD-WRT or OpenWRT. That means you can buy it all prefab and ready to go to work. I prefer OpenWRT because it has a package manager. This is a huge benefit for one of these little firmwares; many of them do not let you install and remove software easily, but you must rebuild and re-flash the whole image.

A Linksys WRT54G router; open source routers

Figure 2: Linksys WRT54G. Image courtesy Wikipedia and Tharkhold.

Before you run out and buy, first visit OpenWRT.org and consult the Supported Devices database. There is a hard way and there is an easy way -- the easy way is to buy something that is well-supported. OpenWRT is free of cost, with no commercial support options.

Vyatta for the Small to Giant Enterprise

Vyatta offers a range of networking products, from the free community edition to hardware appliances to cloud and virtualization products. If you just want a nice robust on-premises firewall, then take a look at the free community download that you can install on your own hardware, or one of the hardware appliances all pre-loaded and ready to go to work.

The Vyatta 600 costs around $1,000. It's a complete package for small to medium-sized businesses that performs every networking task you can think of. It's a good bargain even if you use only a small subset of its giant feature set.

It includes Gigabit Ethernet, fast Compact Flash storage, USB ports, and quiet, low-power fan-less operation. The Vyatta software is a first-rate network operating system that serves up a giant batch of useful features such as advanced firewall, network monitoring and diagnostics, VPN, user authentication, high availability, Web filtering, and lots more. This is one of the best values in advanced firewall appliances.

Untangle Gateway

The Untangle Internet gateway is another excellent multi-function firewall that can handle a wide range of duties: user authentication (including Active Directory integration) VPN, captive portal, Web filtering, anti-virus, anti-spam, intrusion prevention, ad blocker, reporting, and higher-end features such as WAN balancing and automatic failover.

The base package is free, and you can choose from a range of add-ons that will cost you some clams. Untangle is very flexible with multiple software bundles to choose from -- from free to all the bells and whistles, including paid support. The most expensive bundle costs $540/year. The bundles are the best deals; you can also purchase individual applications, but it's like cable TV -- when you want more than two or three the bundles are a better buy, even though they include stuff you don't need.

Untangle, like Vyatta and Endian, also sells nice hardware appliances. And, like the others, the lowest-cost appliance costs slightly less than a thousand dollars. It is rated for 1-10 users but, as always, this is conservative and can support more.

There is a lot of competition in the open source firewall arena, so try a little dickering to see if you can strike a better deal. You have a lot of great products to choose from, so the differentiator could be who is willing to work the hardest to keep you happy.

Carla Schroder is the author of The Book of Audacity, Linux Cookbook, Linux Networking Cookbook, and hundreds of Linux how-to articles. She's the former managing editor of Linux Planet and Linux Today.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

Page 2 of 2

Previous Page
1 2
This article was originally published on March 21, 2012
Thanks for your registration