Building a Linux Network Appliance, Part 2
What to Build
In our first installment, we described why you need our Linux-based network appliances. Today we're going to start construction. (Please see the Introduction to this series for hardware requirements.) We will be building two separate appliances: one for network border services, such as firewalling, secure remote access, and intrusion prevention; and one for LAN services, such as file and printer sharing, network storage, and backups. We'll start with an Internet firewall/gateway for sharing a broadband Internet connection. Our Linux gateway will protect clients on all platforms, not just Linux. You'll save money, have complete control and likely better protection.
You should already have a shared broadband Internet connection, maybe with one of those Linksys or Netgear boxes, and with your soon-to-be firewall box connected to your LAN. You'll administer it from a second LAN PC. This is handled via OpenSSH or a Web browser, so any Linux, Mac or Windows PC will do. A typical setup looks like this:
Broadband modem -> gateway -> switch or hub -> LAN hosts
If you do not already have some sort of router/gateway for sharing your Internet connection, you may connect your firewall box directly to the Internet. You still want a second PC connected via a switch or hub for remote administration, like this (see Figure 1):
Broadband modem -> future gateway box -> switch or hub -> second PC
We'll install the Debian GNU/Linux operating system as the foundation of our sturdy gateway box. Debian is easy-to-maintain and upgrade, and is stable and reliable. Debian comes in four flavors: Stable, Testing, Unstable and Experimental. Each flavor besides Experimental has a cute code-name: Sarge (stable), Etch (testing), and Sid (unstable).
Stable contains older, well-tested packages, so it's always behind in terms of having the latest and greatest releases, which is exactly what you want on something as important as a firewall. You can run Testing or Unstable all you want to on desktop systems. They work perfectly well despite the scary names. But don't use them on important servers.
By choosing Debian we aren't saying that other versions of Linux are inferior. We chose a single distribution to keep this series simple and to get you up and running as quickly as possible.
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
- 1Linux Top 3: RHEL 6.7, BackBox Linux 4.3 and RoboLinux 8.1
- 2Linux Top 3: SLES 11 SP4, Chromixium OS 1.5 and Canonical Licensing
- 3Linux Top 3: VirtualBox 5, Point Linux 3.0 and OpenSUSE Leap 42.x
- 4Linux Top 3: Linux 4.2 rc1, 4MLinux 13 and antiX15
- 5Linux Top 3: Linux Mint Rafaela, OpenMandriva Lx 2014.2 and VectorLinux 7.1