Well Secured Network Configuration
 

I currently have a linux server on a static IP. This computer controls pretty much everything on the network (ie. mail, web, squid, NAT, firewall). I want to setup a more secured network and needed some help and idea's. I was thinking about setting up a one computer as a linux firewall that controls the internet connection, dhcp on the local lan and routing. I was thinking of trying smoothwall express 2. Our current server I was going to setup on a DMZ attached to the firewall computer. I think this should be a fairly secure setup provided it is configured correctly. Any other ideas or recommendations would be helpful. I have setup numerous small business servers just nothing quite as complex as what I am trying now.

Thanks for you input,
Scott

Personally I like seperate firewall box.
handleing as you said dhcp dns if need be and ids and maybe sniffer if needed etc.

I wouldnt use mail proxy net proxy(squid) or antivirus stuff on this firewall box.
Id use the proxy mail and antiviri on a seperate box.

I use an old cyrex MandA things old...got it brand new condition from dealsdepot.com
http://www.dealsdepot.com
only because I had no ax to old pc's and all the ones friends wanted to give me were just too poopy.


They change and get new stuff weekly/daily sometimes.My box was 36 dollars and my other box was 45 dollars US.they were fast delivery too.

anyways,ya I like seperate only because depending on how many users you have....memmory and cpu power things can get bogged haveing everything on one server.
I have few raid setups and wanted to make this box(raid 5) proxy with squid and some addons as well as mail server but squid and any proxy for that matter doesnt fare well on raid 5 setup.


My firewall box is ipcop 3...version 4 the newest and recent has excellent qualities and changed to LFS base but doesnt work with my old equiptment.It has mega addons...so does version 3.