|
||||||||
Hi there, I'm the network admin at ByLAN, a local LAN-party here in Norway, and at the moment we don't have a firewall. I've used m0n0wall with great success at home, but I'm totally un-experienced in using it in larger environments. Some key-data - 64 Mbit internet connection - 100 Mbit LAN connection - 800 users, mostly windows - An insane amount of virii, spyware, malware, p2p software and so on ... So, what do you recommend; Hardwarewise. I have two servers already, which will run mail/dhcp/dns and so on, but what I really want is as follows: - trafficshaping (yes, it's cpu and memory intensive for that many users, but I think we can scale out of it) - easy management (come on, you can't get much easier than m0n0wall :) - blocking of unwanted users/subnets on the outside (we don't want external users to connect to a server someone at the lan sets up and use our connection) - any more recommendations ? We want most of the ports to be open, but some ports will have to be mirrored (as in smtp, where we will have to scan all outgoing mail for virii and spam) Also, we will have public ip's on all the computers on the "inside", so there won't be any nat'ing. (and thank God for that) The party is starting 30 Sept, so we still have a few days to discuss this :) -- Christian Langeland - lchristi at fraggel dot mine dot nu A: Fordi det er naturlig å lese ovenfra og ned. Q: Hvorfor skal jeg skrive svarene mine under det jeg svarer på? Siterings-HOWTO: http://www.bersvendsen.com/usenet/quoting.html -- Christian Langeland - lchristi at fraggel dot mine dot nu A: Fordi det er naturlig å lese ovenfra og ned. Q: Hvorfor skal jeg skrive svarene mine under det jeg svarer på? Siterings-HOWTO: http://www.bersvendsen.com/usenet/quoting.html |