Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

How to protect your network with an open source firewall

Get yourself some hardcore protection.

Article comments

It the rare IT person who doesn't sometimes run into a situation where they are helping a client or organisation who has more IT needs than budget. Often it's the rule and not the exception. If you ever find yourself in a situation where you need a decently robust and full featured firewall and have a budget approaching zero, I have just the solution for you: SmoothWall Express.

SmoothWall Express 3.0 is an open source GNU/Linux firewall which is security-hardened and freely downloadable. By design, it has minimal hardware requirements and a small footprint. It should work with nearly any Pentium class computer with at least 128MB of RAM and a hard disk with a capacity of 2GB or greater. It'll likely work with that PC you have sitting in your closet that you've been too lazy to recycle. You'll want to have at least two network cards installed for basic use, and three or more if you want to have a DMZ or incorporate a wireless network. Keep in mind though, that your firewall's reliability is limited by the hardware on which it's installed.

Don't worry if you don't know much about Linux. Though the geeky can get down and dirty at the command line, SmoothWall is very easy to install and configure. It's meant to be managed via an integrated web interface, so it's appropriate to run it headless.

To install, first download the 81MB ISO file and burn it to a CD. For those in need of disk burning software, I'm a big fan of IMGBurn.

Then boot your system to the CD and run the installer which will wipe your hard disk and install SmoothWall Express. Just accepting the defaults will lead you to a good starting place. The first "hard" question you'll be asked is what you want the default security policy to be for outgoing requests.

The default is Half-Open which permits most outgoing traffic except for that which is potentially harmful. You may also choose Open which doesn't limit outgoing traffic at all, or Closed which requires that you later explicitly configure what traffic is permitted.

You'll then need to choose how you want to configure your network interfaces. Your interfaces will be Green, Red, Orange, or Purple.

The Green interface is your trusted LAN. Red is the evil and dangerous Internet. Orange is your DMZ, and Purple is your wireless LAN.

Next you choose which network card will be assigned to each role. SmoothWall will probe for and automatically detect most cards. You'll need to specify IP configuration and optionally DNS and Gateway settings.

Additional items that may be configured are Web Proxy, ISDN configuration, ADSL configuration, and DHCP configuration.

Lastly, you'll need to set a Web interface password and a root password for command line access.

You're done with setup! I told you it was easy.

From here, you can leave your "Smoothie" as is and it's a fully functional firewall.

However, the most in-depth features are only configurable through the Web GUI. To get to the Web configuration page, point your browser to https://SmoothWallGreenAddress:441 and enter the admin password you configured earlier.

One thing that may surprise you is that for a free-product that's easy to configure, SmoothWall is remarkably full featured.

SmoothWall offers a number of capabilities, including: Proxy Servers, IDS, Logging, Traffic Graphs, DHCP, VPN, Dynamic DNS, Port Forwarding, Server Health and Access Control.

It also provides an interface for backing up and restoring your configuration, so when that Pentium II finally kicks the bucket, you can quickly get your SmoothWall firewall back up and running again.

What's the catch? Well, SmoothWall Express is limited to a single CPU and 1GB of RAM, but that's not likely to be an issue for even a couple hundred users. The real limitation is the lack of support. While there's a robust user community, you're mostly on your own with this. Of course, not surprisingly, there are a number of paid and supported products sold by the commercial arm of Smoothwall.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *