Not sure the smoothwall (Free) version will handle multiple RED (Internet) interface IP's out of the box, I know the paid for version does, but last I looked at it it didn't - needed a fair amount of tweaking if it's possible.
Your existing BSD box sounds like a winner - Installing ipcop or smoothwall just about does the same but with a nice gui.
If you don't need a gui - do you need to pay for software or use something that won't exactly do what you want out of the box?
IPcop can handle multiple IP's on its red interface. I have used ipcop for a similar setup - no problems but took a bit of config'ing to how i wanted it.
If you want absolute reliability and don't want to do much tinkering to get it working properly, get the paid version of smoothwall or buy an appliance with software already installed (You have support then and regular updates etc)- depends on your admin requirements, budget and traffic requirements as to which one you get.
I must throw in a very strong vote for m0n0wall here.
Despite the weird name, their firewall software solution can match most hardware firewalls in the high-end market if used on the proper hardware...
Then again, what is really a hardware firewall? No more than a custom server...
Having used Smoothwall in a hosting environment, I wouldn't recommend it. We ran a few low-traffic sites behind a smoothwall for about 6 months and had very poor performance. Having since moved to OpenBSD, performance is like night and day. That, combined with the fact that we can setup 2 OpenBSD boxes in automatic-failover using Carp/pfsync we wouldn't think about going back to Smoothwall.
. Having since moved to OpenBSD, performance is like night and day. That, combined with the fact that we can setup 2 OpenBSD boxes in automatic-failover using Carp/pfsync we wouldn't think about going back to Smoothwall.
Thanks for the info! Is there an OpenBSD solution that filters viruses and spam?
I've used watchgaurds in a number of non - hosting environments and they work great, supports really good too. But they are expensive, you get what you pay for.
█ Windows and Exchange Server Experts, UK and US Dedicated Exchange Servers.
█ MCSE Certified, Registered Microsoft Partner.
█ Exchange 2010, Server 2008 and IIS 7 Services now available!
█ www.windowsserv.com Email:[email protected]
You might want to check out www.networkbox.com.au. They offer a complete service, with free admin for their boxes. And they're smart people too, who I've known a long time. If you want a solid solution that will keep you safe and that will scan everything, this is the way to go.
I forgot to say, the www.network-box.com.au solution I mentioned above comes with a years free admin, done by knowledgeable guys. When looking at solutions, don't forget to figure in the admin costs, with the wrong firewall they could be quite high! Cheap aint always cheap.