[ previous ] [ next ] [ threads ]
 From:  "Adam Armstrong" <adama dash lists at memetic dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Enterprise m0n0wall?
 Date:  Sat, 26 Nov 2005 12:48:16 -0000
> > Have any of the m0n0 developers considered setting themselves
> > up to be a commercial entity that still devs open code but
> > will support it commercially? (which in my opinion is a GREAT
> > business model)
> I don't profess to be a m0n0 developer (I try to help out where I can on
> the
> mailing list, particularly with UK-specific issues, but I won't claim to
> be
> a master programmer), but I do deploy m0n0wall firewalls to clients as
> part
> of the other services we offer.
> Most of our clients are in the 10-30 employee range so don't really need
> the
> enterprise features you speak of (PPTP VPN is reliable, requires no
> additional software, and is easy for staff working at home to configure
> themselves, for example).
> > But isn't that where pfsence is supposed to be?  There are
> > already several custom options, like SMP support, or 50 pptp
> > connections.  Beyond that, shouldn't we be looking at a
> > different platform perspective?
> I looked at pfSense fairly recently as a replacement for m0n0 when we
> started deploying Asterisk servers to clients, since in the UK uploads on
> ADSL are limited to 256k and it's a lot cheaper to get 2 ADSL connections
> rather than 1 SDSL (upload >256k) connection. For now, we just deploy 2
> m0n0wall boxes at a site, one for each ADSL rather than load balancing
> them.
> My primary reason for avoiding pfSense at the moment is its requirement
> for
> a hard disk - something I really would prefer to avoid in a firewall. It's
> probably something that I should raise on the pfSense mailing list...

We're currently trialling both m0n0wall and pfsense for deployment at
customer sites. The pfsense guys are currently in the process of making it
play nicely with compact flash and other embedded boot methods, and it looks
like it'll work nicely when they're finished. We're using their embedded cf
images at the moment in a few places. Not quite at the stability level of
m0n0wall, but it's getting there!

My plan is to use m0n0wall for small things, probably using soekeris boards
and pfsense for larger deployments running from CF on larger security
appliances. The featureset of both m0n0wall and pfsense seem to outclass
many commercial firewalls without the horrid license fees and session
limits. The two things which I'd like to have are easy rebrandability so I
could call them OnyxWall Mini and OnyxWall Pro ;) and perhaps the ability to
add lower-access users so customers could gain access to status screens.

Well done to both groups :D

Adam Armstrong
Network Engineer
Onyx Internet