Just thought I would share my experiences with one of my latest projects (well, something I have fitted whilst I wait for BT to get their finger out and catch up with me).
I have been looking at ways of securing my networks and two locations. These are already pretty secure, but I need to protect them from outside threats that can be caused by staff opening dodgy emails, visiting sites with trojans, etc. Basically, threats caused by people allowing them to happen.
I stumbled across http://www.untangle.com/ and to my surprise it has a free version, which obviously does not have all the extras you get with paid-for flavours but still has plenty of protection plus some other extras.
This software is built on a Linux platform that you install as your operating system. You can't install it with anything else; it is solely your firewall, end of.
I had a spare HDD lying around so chucked it in my development PC and installed it. This PC has two NIC cards, which is perfect for Untangle as I am using this in bridged mode, so it sits nicely in my network and runs as a transparent bridge. It probably took me an hour to install and set up. It has a huge amount of features that I am still tinkering with (reinstalled on a new server).
Basically the transparent bridge sits on my network between my LAN and modem and is connected as follows:
LAN > Internal NIC - bridged to - External NIC > Modem
So all the traffic from my LAN flows into the internal NIC card, is filtered through the software and goes out the external NIC to the modem. The result is everyone can work as normal but the Untangle server happily filters all inbound and outbound traffic seamlessly.
Having proved this works, I did some research on eBay for a couple of rack-mountable servers and picked these up for £110 each, which are around 4 years old but with a spec that's more than ample for Untangle (dual Xeon 3GHz processors with 4GB RAM), so today I mounted the first one in the data cabinet where it's hardly noticeable (these are 1U servers).
A couple of big pluses for me are the remote management,
I can log on from anywhere and manage the server. It has a daily reporting system that emails PDFs, or I can run this anytime by logging on.
It has a captive portal where I have added my own user agreement for staff, who have to acknowledge it before being able to use the internet. This can also be set up with username and passwords if you wish.
But most of all it filters any phishing attempts, spam and spyware from websites directly. By having this in place it reduces the load on the PCs and keeps my network safer.
Just thought I would share this with you all, and for those that want something to offer decent protection to their networks, this is certainly a must.