Hi All,

I want to secure my network where i don't want to invest the money on Firewall. How effectively i can secure the network using Linux.
Suggest what i have take the initial steps as i am new to linux.


Regards,
Shamanth

You don't mention the size of network you wish to protect, how your external connectivity is delivered, or if you have any requirements such as public facing server/services. For example, many "home" ISP routers have full firewall functionality built in that can be accessed and configured from a web interface. "Business" ISP could be as simple as an NTU with an ethernet port that's pushing everything out or could also have firewall functionality.

So the basics:

1) Pick a distro (I'd recommend CentOS 7 as it's compatible with RedHat 7 and there's LOADS of tutorials available)
2) Start googling for IPTABLES tutorials
3) Implement

From past experience I prefer a physical firewall appliance.

Hi Ten Tenths,

I have a 100 users and we have a just ISP connectivity no security is applied and we do have some critical servers which have critical data recently got affected with bit coin ( Ransomware ) attack so without purchasing a firewall cant we secure our network using linux

Regards,
Shamanth

Yes, you can totally protect your network with linux and the right hardware (basic server with multiple nics)

However, a basic linux firewall / router on it's own won't protect you against ransomware.

If you want to do that at firewall level you're going to need content examination and filtering and probably SSL inspection too. For THAT, and for a 100+ user company I'd seriously invest in an appliance that CAN do these things. Figure that even if you have to spend $2000 on one then that's $20 per machine. I'm sure your data security is worth more than $20 per machine.

If you cannot afford an appliance, you can download to image of Astaro Security Appliance and load a machine with it to build your own. If you have a problem finding that download (from SOPHOS I believe) you can check distrowatch.com for firewall distributions: some of those are VERY good.

1 members found this post helpful.

You have a number of ways to secure the network. As noted above you could use a firewall distro like Untangle. You can run it on a dedicated machine as firewall. You can also run it under a virtual machine and have all lan systems access the vm then to wan. I like to keep lan segments discrete and separated from wan segment.

A firewall however doesn't prevent issues. Be sure to learn and use as many best practices as you can.

I'm *guessing*: you have 100 MS-WinX desktops, and the RansomeWare is *MS-Win* code (maybe arriving in emails, not a network *connection, directly*, which a basic firewall filters).

IF the 100users could run only Linux, [mostly] the MS Ransome code would do nothing!

There's probably Linux applications that can *examine* email contents (spamassassin but I don't know)

Best wishes, in this tough task!

Since this is a case in homework the shortest answer is:

Utilize one of your servers to act as proxy server imposing a bottle-neck for easier security management.
Run IPTABLES in every server, it is built-in every linux kernel, you don't have to pay anything for that.

If that does not work...

The shortest way to safety is don't connect you network to the internet.