Recommendation please, hardware firewall for home network (UK)

Hi folks

Can anyone recommend a hardware firewall with reasonable content filtering to sit between my small home network (one or two wired machines and a wireless access point with one or two laptops) and the cable modem? If it did the wireless AP bit & router stuff in the same box that'd be most excellent! I'm in the UK, if that makes a difference to what is available.

My current (Belkin 801.11b wireless AP and 4-port switch) does basic firewall stuff and NAT with only occasional, irritating crashes - but it doesn't do content filtering. We've got three children who are just discovering the joys of the CBBC website, Bamzooki, Google and the rest... It'd be great to be able to set policies along the lines of: filter these URLs for the whole network, this content for the whole network, these URLs only for the kids machines, only allow ports 25 and 110 through to/from this machine, etc...

Would almost certainly be wanting a web-based interface, as my main machine, and from which I'd want to do the admin, is a Linux box - so no Windows-only clients...

Could do it manually on an old PC with IPCop, but that'd be noisy and take up too much space...

The advertising for a number of routers or APs say something like: "Content filtering with URL blocking and scheduling" (this is from a D-Link DIR-635;

formatting link
- but figuring out exactly what that means seems awfully hard!!

Cheers

Colin

Reply to
Colin Brough
Loading thread data ...

Colin Brough schrieb:

What about educating the kids rather than educating the PC?

Regards Thomas

Reply to
Thomas

For the same reason I fit a smoke detector as well as teaching my kids what do if they find a fire.

I asked here because I was interested in the technical question; if I'd wanted to debate the child-rearing issues behind the question I'd have wandered on over to misc.kids.computer or similar.

Cheers

Colin

Reply to
Colin Brough

I suggest that you find a packet filtering FW router that meets the specs in the link for *What does a FW do*. One that is ICSA certified that can use Wallwatcher or Silo Daemon, like one on the Netgear ones. The rest of the stuff you're talking about is just icing on the cake.

formatting link
Or get a low-end FW appliance, which my Windows and SuSe Linux machines set haply behind it. I use a Watchgurad myself, but there is Sonicwall, Snapgear and others low-end models.

Duane :)

Reply to
Duane Arnold

The D-Link DFL-700 will block websites by key words or allow them by key words. As an example, we have one client, a medical office, and we block all outbound HTTP access except to *.microsoft.com* and two other locations.

This means they can get MS Updates (as well as browse the MS site) and also get AV updates (via another key-word).

It also has the ability to strip/block http content, like *.EXE, so that users in that rule can't download MP3 or EXE or anything you specify. The nice thing is that you can limit the scope of the rule to an IP Range and put your computer in another range that uses different rules - so you can access everything while blocking access to people in the other range.

Not wireless.

Reply to
Leythos

That's Syslog Daemon.

Reply to
Duane Arnold

how do you find out which will run with wallwatcher or silo daemon ?

Reply to
q_q_anonymous

Maybe you could go to the WallWatcher website and take a look at what they work with?

Each device has different output for logs that WW can work with, the BEFS series of linksys has the best, easiest to manage, output for WallWatcher.

Reply to
Leythos

Leythos wrote

thanks

Reply to
q_q_anonymous

Of course that is Syslog Daemon I am talking about. WW works well with my WG too. So did Syslog Daemon, but you had to pay for it if you wanted to use it fully. WW you don't have to pay, as you know.

Duane :)

Reply to
Duane Arnold

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.