Setting up a good firewall is a hectic work for any small and medium scale industry. The expenses associated with the process is pretty high if you go after proprietary software. Another issue is that the hardware requirement is also much higher and this will in turn increase the cost.

This edition of techblog is about an open source solution which can save those additional expenses -  The SmoothWall Express

The SmoothWall  (an open source project initiated in 2000) is the mother project behind this solution. The SmoothWall Express is based on GNU/Linux and the security aspects of the Linux system is hardened further so as to meet the requirements of Firewall.

Features:

The interesting feature is that the solution comes with a very user friendly web interface. This means that even if you are not an expert in Linux, you can use this solution without any difficulty.

The latest version is SmoothWall Express 3.0. It requires only 128MB of RAM and 2GB of hard disk space. It works properly in any Pentium version system.

Installing and configuring

You need to have two network cards  so as to enable all the basic features supported by the solution. You can add more if you want to support your DMZ (demilitarized zone – one that connects to the external world, Internet). By adding more network cards  you can also support and secure the wireless network in your organization. If you are a security expert, you may note that the reliability depends on the capabilities of the hardware on which the solution is installed.

You can  download  the solution from the official website . It is about 80 MB in size. After downloading the same, you need to burn the image to a CD. (You can use any freeware solution for burning).

During the installation phase, you can go for the default options. You may find that the solution sets ‘Half-Open’ as the default option for out going traffic. This means that the solution will allow all the traffic that are considered to be safe and it will block all that are potentially harmful. You can change this option to ‘open’ if you don’t want to limit the traffic in this way. But in most cases, it is recommended that you select the option ‘closed’ and then specific the traffic that you wish to allow in your network.

Similarly, when it comes to the configuration of network interfaces you will have four options viz.

• Green (corresponds to trusted LAN network)
• Purple (for wireless LAN)
• Red (it indicates the potentially harmful Internet)
• Orange (it is used for zones like DMZ)

Since it is Linux based, SmoothWall will automatically detect your network cards. All you need to do is to configure your IP settings, DNS details and and Gateway settings. You can also configure Web Proxy using this solution. The solution also allows you to meddle with your ISDN, DHCP  and ADSL configuration settings.

The last stage of the installation is to set a password for the web interface and a root password (if you need to use the command line functionalities)

That’s it!

Using SmoothWall

You have installed and configured the solution – which means that it is ready to working as a  fully functional firewall for your network.

You can configure it further by accessing the web interface. All you need to do is to point your browser to

https://SmoothWallGreenAddress:441

This will allow you to login to the system using the username (admin) and the password you have provided while configuring the solution (during installation stage).

You can setup and configure (change settings) proxy servers, IDS, DHCP, VPN and Dynamic DNS using this interface. You can also perform actions like ‘port forwarding’ in this solutions itself (just like we do in case of a router).

Apart from these the SmoothWall comes with a good logging feature. It also provides traffic graphs for analysing the network traffic. It also gives information about the server health and allows network administer to set access control settings.

In short, this open source solution is a full fledged network manager-cum-firewall.

My rating for this solution is 9/10