[lug] Small Firewall with Excellent Logging

Glenn English ghe at slsware.net
Tue Mar 24 23:08:02 MDT 2015

On Mar 24, 2015, at 10:17 PM, Maxwell Spangler <maxlists at maxwellspangler.com> wrote:

> In the past I've used a variety of consumer grade firewalls to protect small office networks from internet attackers.  Linksys WRT units with DD-WRT is a favorite.
> However, I feel like these solutions are often ideal for just that: acting as a defense against incoming attackers.
> I'd like to find a small footprint, low power, high quality, trustworthy firewall that would allow me to do the same but provide more logging capability to see what's going out and then let me control it.  Ideally, this would be block everything and allow me to easily identify whats going out and selectively enable it.

Look into a Juniper SSG-5 -- it's quite small, very high quality, inexpensive for Juniper, available at Amazon, and logs like crazy if you ask it to. Its Ethernet is only 100Mb, but that's plenty for 'most any Internet connection you'll find in a small office. I think it's available with or without WiFi.

I suspect, though, that it's configuration is significantly more complicated than you find on consumer boxen. It's for sure more complex than the Netgear I used to have (it does have a web-based GUI that works well once you learn what it's talking about). I get email once or twice a day from the one I installed a few years ago down in Texas, telling me about hackers and such.

OTOH, I managed to get it going shortly after a serious brain injury, so maybe it's not as complex as I remember...

Glenn English

More information about the LUG mailing list