[asterisk-users] Best Firewall Suggestions?
Michiel van Baak
michiel at vanbaak.info
Tue Oct 13 17:24:41 CDT 2009
On 23:52, Tue 13 Oct 09, Hans Witvliet wrote:
> On Tue, 2009-10-13 at 14:42 -0500, Karl Fife wrote:
> > I think one of the very best options is pfSense. Free Open-source,
> > but it's BSD based, rather than LINUX based. As such it has a lower
> > risk of external exploits. The user-interface makes it incredibly
> > simple to set up and maintain. There is an embedded versions of it
> > available to run on affordable/reliable solid-state, diskless, fanless
> > Soekris/PCEngines embedded system boards.
> >
> > It's incredibly powerful, and It's ROCK SOLID. I find the traffic
> > shaping engine to work without a hitch. PFSense can do anything you
> > want including VPN (PPTP, IPSec, OpenVPN), failover (Multi-WAN),
> > IDS/IPS (snort)
> >
> > The NEWEST embedded version 1.2.3 rc3 (1.2.3-release is very close)
> > can run the sipproxd package as well as many other packages that
> > previously required the FULL version. Goodbye one-way audio! :-)
> >
> > -Karl
>
> pfsense with FreeBSD is a very powerfull combination, period.
>
> However, it is compared with a 64-character password from a generator.
> Darn-difficult to use, and often written on a post-it and a plague for
> the help-desk (and thus a security risc in itself).
>
> If you are familiar with BSD, good, fine. If not you probably are not
> aware that you're exposing yourself somewhere (if you got it working
> anyway).
A good *NIX admin will only need like 2 or 3 hours to get over it and
understand how BSD works when they work with linux.
That's how things work with the admins I have met.
In the end they all choose for the elegance and clean code and good
documentation of BSD before linux.
--
Michiel van Baak
michiel at vanbaak.eu
http://michiel.vanbaak.eu
GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x71C946BD
"Why is it drug addicts and computer aficionados are both called users?"
More information about the asterisk-users
mailing list