Menu
What's new
By:
Filters Better Search

Recent content by mtganzer

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. M

    Looking for Router/Gateway with Greater Security than traditional consumer equipment

    Nicely described, though I Would change 1st option to: If you use VPN and/or want an IDPS (i.e Snort or Suricatta)
  2. M

    Looking for Router/Gateway with Greater Security than traditional consumer equipment

    A couple nits. First, pfSense is built on FreeBSD, and you can install any of the available FreeBSD packages. But yes it's FreeBSD not Linux. But also if you are advocating running firewall + file server + app cache + whatever on a single OS instance, I have to ask WHY? Management and...
  3. M

    Looking for Router/Gateway with Greater Security than traditional consumer equipment

    ...or pfSense, OPNsense, etc. BTW I have not set up a BARE Linux box as a router/firewall since...oh...probably 2000! Unless you are (or want to be) a wizard with raw iptables, best to find a distribution that has simple router/firewall front end (anyone remember Mandrake Single Network...
  4. M

    How efficient are those security-enhanced DNS services?

    Having just set up a pfSense firewall (retirement project for the home office/home network), I happened to notice that the hpHosts list they use in their testing is one of the feeds that I set up the pfBlockerNG plugin to use. I also set up pfSense to forward DNS queries to Quad9 after passing...
  5. M

    A Solid Week with the ER-4

    Yes, but those power consumption numbers...yikes! Re the rest of this thread, I give you this thought, which I find useful in network engineering as well other parts of life: “The enemy of a good plan is the dream of a perfect plan.” - Carl von Clausewitz
  6. M

    [News] - AT&T to Acquire Vyatta Software Technology from Brocade

    Late to the party here as I have been on vacation.... My understanding is that both Ubiquiti and VyOS were forked from the Vyatta "Community" code base before Brocade took it closed-source, so the AT&T acquisition should not have any affect.
  7. M

    Untangle at Home Reviewed

    Looks like the "Platform + free apps" still have OpenVPN server. The comparison between the tiers is shown at this page. Looks like an interesting alternative to pfSense Edit: Show stopper for me is no DHCPv6-PD support for IPv6 WAN connection.
  8. M

    Syslogd, logstash or other?

    If all you need is to see why the VPN is disconnecting, rsyslog with filters to separate by device (Ubuntu does this by default) is just fine. You can easily extract what you need with basic Unix tools along with some standard log parsing tools like like logwatch/fwlogwatch. Logstash, NLS and...
  9. M

    Syslogd, logstash or other?

    The problem with Splunk pricing is it is based on volume of log data you collect - 1GB/day costs $5K (+ annual maintenance) and up from there. NLS is priced per instance ($2K for single instance, unlimited log volume). I agree Splunk can do a lot IF you have someone that knows how to set up...
  10. M

    Syslogd, logstash or other?

    Or you can download the free version of Nagios Log Server, which is based on the ELK stack. The free version will only log 500 Mb per day, but I doubt most of our home networks generate that much data. We switched from Splunk to this at work (Splunk was horribly expensive for the volume we...
  11. M

    Raspberry Pi as Jumpbox

    Managed to get it, and the image is definitely not been updated since 2013. I didn't have time to put it on a Pi, but looking at the release notes, it doesn't look like anything you could not already download for free as tarballs from VMware.
  12. M

    Raspberry Pi as Jumpbox

    I can't get a download for it, but per the web page seems like it may not have been updated for a while (since ESXi 5.1?). I have to admit I don't do a lot of CLI management of my home server (mainly just spinning up or tearing down test VM's), so I just use SSH port forwarding for ESXi...
  13. M

    Ooma Telo Firmware Upgrade Adds Internet Security From Zscaler

    Yup my Ooma Telo is only 100Mbps, so non-starter for me to put inline. Looks like all they are doing is providing a DNS Blackhole service, which you can get by subscribing to OpenDNS, or do yourself by setting up your own DNS Blacklist using PiHole.
  14. M

    Broadcom To Buy Brocade For $5.9 Billion

    Our reps said exactly that. The SAN fabric market is pretty much all OEM'd to storage vendors like EMC, and Broadcom wanted into that space. The network side competes with their OEM networking customerss, hence the desire to spin that off. We are a pretty-decent size Brocade network product...
  15. M

    Broadcom To Buy Brocade For $5.9 Billion

    The Brocade networking business is not just Ruckus, it is the entire pre-merger Foundry Networks line. Basically Broadcom wanted the SAN storage fabric portion of the company, and is willing to jettison the rest so they are not competing with their customers (the ones they provide merchant...
See more
Top