Roll Your Own Firewall, Part I

Now that my rack is ordered and on the way, I pondered the value of rolling my own dedicated 1U firewall/VPN appliance. Given how fragile the Linksys and Netgear firewall/VPN routers I have used have been, I decided I wanted my own dedicated perimeter firewall, with the following requirements:
  • Cost. The entire solution must be under $500. My expense policy is that anything under $500 can be expensed, rather than depreciating it on a schedule.
  • Heat. Currently my computers are clustered together in my home office, which lacks a separate air conditioner. Adding a stack of 350 watt servers is not an option I would look forward to. If at all possible, I would like it to be a nice, quiet embedded server.
  • Linux. As a Microsoft Partner, I would love to have used ISA server – and written a step-by-step guide to doing it. However, it wasn't included in my stack of DVDs, and the thought of installing Windows 2003 headless was a little daunting. As a result, I chose to go with Linux. ISA server can be used here as well.

Firewall Hardware Requirements

The only reasonable article I could find about right-sizing the hardware requirements describes the minimum tested requirements for implementing Microsoft ISA server. Given my experience, the Linux requirements should be about the same, if not more lenient. My own network is currently connected to the Internet via a 6 Mbps interface (DSL or cable). Given a throughput in the range of 3 Mbps to 44 Mbps, the minimum requirements are (drum roll please) -- one computer with a Pentium III, 550 MHz processor. This should satisfy a T3 connection to the Internet. You do remember the Pentium III computers, right? Well, translated into layman's terms, almost anything will do.

Since I want a low-power, quiet embedded computer, that leaves quite a few choices. After much searching I have narrowed the field down to the Halcom 1U Rackmount VIA 1Ghz Nehemiah Padlock 3-LAN Firewall/VPN/VoIP Platform. It is a 1U case which contains a VIA C3 running at 1 GHz. In addition, there are 3 LAN ports onboard. So far it is at the top of my list, while I continue to search for a cheaper solution.
