EnGarde as replacement for Astaro

Discuss Engarde latest news and updates

Moderators: scrumpy, Dave, leihog

EnGarde as replacement for Astaro

Postby Fred Thompson on Mon Mar 05, 2007 5:26 pm

I'm looking for a replacement for Astaro.

The headaches I have with Astaro are:

1) Exclusing streaming media from virus scanning (user whitelist by extension and URL)
2) Bit Torrent overloads Astaro
3) Modern newsreaders overlard Astaro
4) Skype overload Astaro
5) Inability to use 2 DSL adapters at the same time
6) Current Astaro is a CPU hog.

Does this firewall solve these issues?
Fred Thompson
 
Posts: 1
Joined: Mon Mar 05, 2007 5:14 pm

Re: EnGarde as replacement for Astaro

Postby Dave on Wed Mar 07, 2007 1:11 am

Fred Thompson wrote:I'm looking for a replacement for Astaro.

The headaches I have with Astaro are:

1) Exclusing streaming media from virus scanning (user whitelist by extension and URL)
2) Bit Torrent overloads Astaro
3) Modern newsreaders overlard Astaro
4) Skype overload Astaro
5) Inability to use 2 DSL adapters at the same time
6) Current Astaro is a CPU hog.

Does this firewall solve these issues?

EnGarde can undoubtedly do these things, and I'm sure quite well. It's highly stable, and obviously very secure. EnGarde works well as a router, and won't have a problem processing gigabits of bandwidth without falling over like many of those Linksys style "security gateways" loosely based on Linux but that lack the enterprise functions and performance.

EnGarde is not strictly a firewall, so you may need to get involved and add on some of the additional functions you're looking to implement, but that's generally easy and there are many knowledgeable people more than willing to help.

As I mentioned, EnGarde won't have any problem processing packets of the type you mention (hell, my Linksys blue box can do that), but we'd need more detail on how you plan to use EnGarde.

If you'd like to detail a bit further the specific applications you'd like to run on EnGarde, we can work together to make them work for you.

dave
Dave
Site Admin
 
Posts: 107
Joined: Tue Jun 13, 2006 6:06 pm

Re: EnGarde as replacement for Astaro

Postby RobertK on Tue Mar 11, 2008 12:05 pm

I too have decided on EnGarde to replace Astaro. It fits in very well with my plans, since I was running win2003 enterprise for an intranet server and another product for internet/dmz. I can install EnGarde to all three boxes as a base and add different packages (firewall+intrusion detection system(ids) on the Astaro-replacement firewall, mail services and web services on intranet,...).

The only things I'll probably miss from Astaro is the extremely user-friendly WebTool, and it's up2date software upgrade feature. (IMO) EnGarde's WebTool definately beats ipcop, endian, etc. Haven't tested the update part of EnGarde yet tho. With Astaro's free product 10ip limitation, I think it is no longer a suitable solution for anything but the most basic home networks.

with regarde to your specific list: My testing shows much less cpu and memory utilization with Engarde (I also had the same cpu util problem with Astaro as you mentioned). Asterix runs fine on top of EnGarde, so I'm sure skype isn't going to overload it. You might consider using traffic shaping (WonderShaper, etc) on port(s) using VOIP. [i suggest traffic shaped so that voip is highest priority, nntp/torrent lowest priority, everything else normal priority. remember that shaping will *only* slow low-priority things when bandwith from higher priority things is filled] NNTP is utterly transparent on my box running engarde firewall and ids, I'm showing less than 1% increase when running with full speed premium newsgroups download. speaking of excluding streaming media from scanning, you might consider excluding .mpg and .avi, but still scanning .asf.
RobertK
 
Posts: 5
Joined: Wed Mar 05, 2008 12:52 pm


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 1 guest

cron