Untangle Home. It is $50 per year for home use, and includes all of the premium features, at a fraction of the cost. Untangle is easily comparable to the other retail security appliance vendors, but it is much easier to configure. Many of the admins that favor a "lock out everything" mindset do not appreciate Untangle because it does not take that approach. But that makes it easier for the home-gamer to set up and fine-tune. There will be a definite learning curve because there are so many more features available. For hardware, I recommend a barebone headless PC that can be kitted out for $230 or less.
Any large publicly traded corporation has HUGE incentive to get it right, and keep your PC and data safe from malicious actors. With media markets driven by clicks, and an army of lawyers itching to use the words, "class action". I understand and agree with the FOSS communities, and am grateful they are there, but I am also pleased with the MS platforms I manage single-handedly with over 400 users. MS is the least of my problems.
Don't want to be spied upon? Don't have a medical record, SS#, bank account, ccard or address. And never, ever drive down the street in a licensed vehicle and enter any national chain store. So yes, a homeless gypsy born using a midwife living in the Alaskan tundra has the ultimate data security.
We have spare pieces in house. I have all configs backed up. I can paste a config and plug it in easily. Our servers also offer some redundancy. We have 2-2003 server boxes running the VMs. The 2003 boxes are (going to be) fully isolated with only the VMs exposed, and providing the network services. We monitor everything with Cacti (SNMP) and a local college student is developing some nice plugins to map all of our hosts by GPS coords (look at the Cacti forums if this interests you).
We have a paid consultant guiding me through this (20 yrs exp). Just on this point his response was "personal preference". He is running similar setups in much larger environments such as our local hospital where he has hundreds of VLANs set up.
Logging is the main reason I like our current dhcpd setup. I tried the DHCP debugs on the Cisco gear and didn't get much.
We do have a paid consultant working with me on this. He is doing his job, of teaching me, very well. When I asked him this question, his response was, "personal preference". And so it is that preference that I am searching for.
I am definitely leaning this way. I currently have 2 hosts on the new network, and I just set them up as DHCP pools on the Cisco gear to get them up and running, which got me looking at the capabilities of the Cisco gear. DHCP databases served via TFTP to all the field routers (3550s serving DHCP) was the other option I was looking at, but using ip helper to point to a central Linux box sure seems easier. One of my main goals in this design is to limit broadcasts outside of each subnet, and ip helper obviously punches a hole in that philosophy. I can, and I will, limit the protocols that ip helper transfers. I am thrilled to be getting all these suggestions and other ideas. Thanks.
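One way to check the point raised in the comment above, that `ip helper-address` relays more than DHCP unless the forwarded protocols are limited (an added example, not part of the original comment or anyone's production config). It audits IOS-style config text; the default port list is an assumption taken from Cisco's `ip forward-protocol` documentation, and the sample config, addresses and VLAN names are constructed.

```python
import re

# Assumption: UDP ports relayed by default once `ip helper-address` is set on
# Cisco IOS, per Cisco's `ip forward-protocol` docs; verify on your platform.
DEFAULT_RELAYED = {37: "time", 42: "nameserver", 49: "tacacs", 53: "domain",
                   67: "bootps", 68: "bootpc", 69: "tftp",
                   137: "netbios-ns", 138: "netbios-dgm"}
KEYWORD_TO_PORT = {name: port for port, name in DEFAULT_RELAYED.items()}
DHCP_PORTS = {67, 68}

# Constructed sample config (documentation addresses, hypothetical VLANs).
SAMPLE = """\
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp 37
!
interface Vlan10
 ip address 192.0.2.1 255.255.255.128
 ip helper-address 198.51.100.10
!
interface Vlan20
 ip address 192.0.2.129 255.255.255.128
 ip helper-address 198.51.100.10
"""

def audit_helper_config(config_text):
    """Return ({interface: [helper IPs]}, [non-DHCP UDP ports still relayed])."""
    relayed, helpers, current = set(DEFAULT_RELAYED), {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            current = line.split(None, 1)[1]
        elif raw and not raw[0].isspace():
            current = None  # any other top-level line ends the interface block
        m = re.match(r"(no )?ip forward-protocol udp (\S+)$", line)
        if m:
            tok = m.group(2).lower()
            port = int(tok) if tok.isdigit() else KEYWORD_TO_PORT.get(tok)
            if port is not None:
                (relayed.discard if m.group(1) else relayed.add)(port)
        m = re.match(r"ip helper-address (\d+\.\d+\.\d+\.\d+)$", line)
        if m and current:
            helpers.setdefault(current, []).append(m.group(1))
    return helpers, (sorted(relayed - DHCP_PORTS) if helpers else [])

if __name__ == "__main__":
    print(audit_helper_config(SAMPLE))
```

Any port in the second return value is a broadcast service still being relayed across subnets alongside DHCP; an empty list means only BOOTP/DHCP crosses the helper.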
Thanks for the tip. We currently use the ISC DHCPd on a CentOS VM and this will allow me to start with our current conf files.
Me! I have only been in this line of work for three years, and I have been sitting at the helm of someone else's network design for that period. Hence my thirst for knowledge.
Our 3550s are conf'd to "ip route" and most of our NAT'ed, private-IP customers will be on these layer 3 VLANs, which are separated by location (per tower). But we offer a public IP for customers, who can be anywhere on our network, and their traffic will be on a separate layer 2 VLAN that is configured globally through our network. The key to this is that we are injecting the 802.11q tag at each customer's wireless subscriber module, and that tag defines which VLAN they are on.
Thanks for the tip. We require our customers to have their own routers, and so far our wireless devices have protected us from this. But I did learn the hard way that VMware Server enables DHCP by default when initially installed.