[olug] Security Appliance Suggestions?
rob.townley at gmail.com
Fri Jan 21 21:24:02 UTC 2011
On Wed, Jan 19, 2011 at 1:49 PM, Christopher Cashell
<topher-olug at zyp.org> wrote:
> On Wed, Jan 19, 2011 at 9:44 AM, Noel Leistad <noel at metc.net> wrote:
>> Currently looking for a security appliance line to support at work...and
>> play, employer's customers and my own. Usual need is VPN, site-to-site and
>> road-warrior, mostly site-to-site, Firewall and all the rest of the features
>> that get thrown in to the term "UTM".
> Check out Vyatta's stuff. They offer a "Vyatta Core" (Open Source,
> community edition) version as a downloadable ISO, and they also offer
> a commercial version with some additional add-on software and support
> services. Lastly, they also sell an appliance version with hardware
> and software support, too.
> It's Linux based, originally targetting the concept of an Open Source
> Router, but due to the flexibility of Linux (and the market
> direction), it has evolved into more of a Open Source Unified Network
> Appliance, support feature sets for routers, firewall, VPN
> concentrators, and IDS's.
> They do a pretty good job of making the whole integrated set feel like
> an appliance. There's a single Command Line Interface that you can
> use to configure almost everything, and you do still have the ability
> to get to a shell for more advanced functionality.
> Pretty cool stuff. I'd definitely suggest giving it a good look.
> Community Site: http://www.vyatta.org
> Commercial Site: http://www.vyatta.com
> OLUG mailing list
> OLUG at olug.org
my favorite part of vyatta is something like:
"save configuration cmds > AllVyattaConfigCmds.txt"
Have an exact record of how the machine is configured. Very easy to
port those commands to an altogether different machine. The ethX
interfaces may have to be moved around, but that is it.
The downside is only paid subscribers get security updates quickly.
aptitude can be used to update and upgrade.
More information about the OLUG