Hi there,
I'm a sysadmin in a school, I'm newly appointed here and got assigned a project to upgrade the network infrastructure to meet the essential security needs. Basically what we want is
1. to secure LAN from internet attacks
2. to allow a group of user/computers to access internet
3. to allow a group of user/computers to access only one IP(on internet) but not the internet.
4. to apply a virus filtering on all the net traffic entering my LAN
5. to apply a spam filter on all the mails entering to LAN
6. to content filter internet of some of the allowed users(not all users)
7. layer 7 filter
8. qos
9. logging
And all this has to be build on open source as per the budget constrains. Though I could always install debian and customized it to suite my need but that is something requires time and unfortunately I don't have much of that.
So decided to give a try to firewall appliances/UTM available on the internet. I tried several linux based firewall distro some of the are clearOS, Endian community edition, ip-cop, smoothwall, pfsense, censornet, monowall, zeroshell, gibraltor, untangle, ipfire to name a few.
Right now I'm running IP-cop with some mods added and it running perfect. But I'm missing the qos and layer7 filter, ip-cop support qos and can be customized to do layer7 filtering but you need to change the kernel which means no more official updated.
So I dive into internet further and stumble upon Astaro and eBOX. After doing a test drive on demo site, I can say astaro is something closely matching my needs. But unfortunately I haven't find good review about their products, I found people complaining about their support. I know its hard to come up with everyone's expectation, After visiting around their site, I found that knowledge base section is completely waste of time. Who on earth today have all of its user guides/manuals in pdf only? there is a html link on the kb section but clicking on that will point you to same pdf file. You could try downloading it but only thing you will get is a text file having html code. wait, you could also email it but sorry that will also point you to the same pdf file. Clicking on the link to view it always show error 550. also they provide only essential firewall edition for free which will not serve my purpose. eBox on the other hand is somewhat I was looking for, now I'm thinking to reconsider my thoughts about Astaro.
some features I like in ebox (not to mention ebox support all the function I listed above)
1. Modular approach
2. can be setup as dedicated mail server/file server/utm/prin server/egroupware/messaging/database/voip server or all in one server having all of these features
3. Based on debian (which I love and most familiar with)
4. Free
5. Still exploring