|
Having built and ran custom linux firewall's, I will say this... IF you decide to roll your own, make sure that you document it VERY well for when you're not there. I personally wouldn't recommend rolling your own for a business when you have little knowledge of linux and iptables plus scripting skillz.
There are some good firewall distros out there and if you decide to go that route then try to use one that offers paid support. pfsense is a good firewall distro and they do offer paid support. I say that about paid support because the inevitable will happen. You'll be out sick, on vacation or whatever and something will go wrong with the firewall. The paid support in that situation will be invaluable to the ones that are trying resolve the problem in your absence.
You will most likely be better off though just dropping an ASA in the network if you don't have any linux gurus in house.
Last edited by Silver Bullet; 01-09-2009 at 02:19 PM.
|