Are EFW appliances any better than the Community version?

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Are EFW appliances any better than the Community version?

compdoc
I have a customer that is interested in a security appliance, and I would
like to suggest an Endian product but their community version is so poorly
maintained and the software like clamAV is so outdated that I'm afraid to
recommend one. Does anyone have any experience with them?

Thanks.


------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user
Reply | Threaded
Open this post in threaded view
|

Re: Are EFW appliances any better than the Community version?

Matt Hayes
My company deploys a lot of the Endian hardware-based versions.   They are quite nice actually.  Tie in to Endian Network, updated software, updated clamav specifically.  I don't recall what version, but they stay on top of the commercial version in their appliances much more than they do with their Community version.

Unfortunately for me, I love Endian, but I think at some point I'm going to have to say enough is enough and move on to something else that is actually maintained.

- Matt


On Wed, Jul 24, 2013 at 8:36 PM, compdoc <[hidden email]> wrote:
I have a customer that is interested in a security appliance, and I would
like to suggest an Endian product but their community version is so poorly
maintained and the software like clamAV is so outdated that I'm afraid to
recommend one. Does anyone have any experience with them?

Thanks.


------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user


------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user
Reply | Threaded
Open this post in threaded view
|

Re: Are EFW appliances any better than the Community version?

compdoc

> Unfortunately for me, I love Endian, but I think at some point I'm going to have to say enough is enough and move on to something else that is actually maintained.

 

I love Endian too and have used it for many years. I have also had customers running happily on it for years. But the threats to security are increasing and I'm afraid of using an outdated product any longer.  

 

I've been trying a few of the firewalls listed on distrowatch.com, and the only one that has impressed me so far is pfsense. It's clamav is a little behind, (0.97.5) but I've read that the person responsible for maintaining that package does a good job of keeping it up to date, however other packages that interface with it have to be updated at the same time so it doesn’t happen too often. It's gui is surprisingly fast, and there are a large amount of packages/utilities to choose from.

 

You install the packages individually, which saves resources. (but don’t switch away from the page until the install is complete!) It's openvpn settings are different from EFW, and I have not been able to make it connect to a remote EFW firewall as a client. I had to install openvpn on an Ubuntu server behind the efw firewall. But that has a few benefits like the ability to use a newer version of openvpn, control over its settings, and .

 

It's nice to have a firewall with a choice of 32bit or 64bit, that has the ability to run well in a virtual machine, that is not abandoned, that uses a more mainstream OS for support reasons, that has packages that can be updated, that has a gui that is well tested, and that has more features I need.

 

IPFire came close, but I managed to create an openvpn entry that could not be deleted later, and there were other gui anomalies. Vyatta is strictly command line unless you pay a subscription, but I didn’t find this out until after I installed it and enabled the gui. And Untangle would not run in a kvm VM on my server for some reason. (maybe video related)

 

I think I've found a replacement in pfsense and have switched to it for a few days now. Good luck to all of you.

 


------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user
Reply | Threaded
Open this post in threaded view
|

Re: Are EFW appliances any better than the Community version?

Tom Bishop-2
+1 for pfsense, I left endian many moons and settled on Pfsense, great community and great product.  Please feel free to contact me via email if you have some questions.


On Tue, Jul 30, 2013 at 10:51 AM, compdoc <[hidden email]> wrote:

> Unfortunately for me, I love Endian, but I think at some point I'm going to have to say enough is enough and move on to something else that is actually maintained.

 

I love Endian too and have used it for many years. I have also had customers running happily on it for years. But the threats to security are increasing and I'm afraid of using an outdated product any longer.  

 

I've been trying a few of the firewalls listed on distrowatch.com, and the only one that has impressed me so far is pfsense. It's clamav is a little behind, (0.97.5) but I've read that the person responsible for maintaining that package does a good job of keeping it up to date, however other packages that interface with it have to be updated at the same time so it doesn’t happen too often. It's gui is surprisingly fast, and there are a large amount of packages/utilities to choose from.

 

You install the packages individually, which saves resources. (but don’t switch away from the page until the install is complete!) It's openvpn settings are different from EFW, and I have not been able to make it connect to a remote EFW firewall as a client. I had to install openvpn on an Ubuntu server behind the efw firewall. But that has a few benefits like the ability to use a newer version of openvpn, control over its settings, and .

 

It's nice to have a firewall with a choice of 32bit or 64bit, that has the ability to run well in a virtual machine, that is not abandoned, that uses a more mainstream OS for support reasons, that has packages that can be updated, that has a gui that is well tested, and that has more features I need.

 

IPFire came close, but I managed to create an openvpn entry that could not be deleted later, and there were other gui anomalies. Vyatta is strictly command line unless you pay a subscription, but I didn’t find this out until after I installed it and enabled the gui. And Untangle would not run in a kvm VM on my server for some reason. (maybe video related)

 

I think I've found a replacement in pfsense and have switched to it for a few days now. Good luck to all of you.

 


------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user



------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user
Reply | Threaded
Open this post in threaded view
|

Re: Are EFW appliances any better than the Community version?

h h-2
In reply to this post by compdoc
I made the switch to pfSense 2-3 years ago and haven't looked back. Use it to replace EFW, Cisco PIX/ASA, etc. every chance I get.


From: "[hidden email]" <[hidden email]>
To: [hidden email]
Sent: Tuesday, July 30, 2013 11:05 AM
Subject: Efw-user Digest, Vol 81, Issue 5

Send Efw-user mailing list submissions to
    [hidden email]

To subscribe or unsubscribe via the World Wide Web, visit
    https://lists.sourceforge.net/lists/listinfo/efw-user
or, via email, send a message with subject or body 'help' to
    [hidden email]

You can reach the person managing the list at
    [hidden email]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Efw-user digest..."


Today's Topics:

  1. Re: Endian with /32 subnet (Cultrure)
  2. Are EFW appliances any better than the Community version?
      (compdoc)
  3. Re: Are EFW appliances any better than the Community    version?
      (Matt Hayes)
  4. Re: Are EFW appliances any better than the Community    version?
      (compdoc)


----------------------------------------------------------------------

Message: 1
Date: Wed, 24 Jul 2013 09:00:07 +0300
From: Cultrure <[hidden email]>
Subject: Re: [Efw-user] Endian with /32 subnet
To: [hidden email]
Message-ID:
    <CAMT1JcZOVO3gtKCKUMvJkBJ+[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"

Enabling and disabling uplink from the web page did the trick. Thank you!


2013/7/24 Stephan Schenk <[hidden email]>

> On the main page disable, enable red. There was a script, also. Something
> like restartnetwork, but I don't know that anymore.
>
> Stephan
>
>
>
>
> Cultrure <[hidden email]> schrieb:
>>
>> I have found RED-interface config at /var/efw/uplinks/main. Actually
>> there is two of those called 'data' and 'settings'. I have now edited both.
>> Is there a way to restart uplink(RED) without actually restarting whole
>> system?
>>
>> Timo
>>
>>
>> 2013/7/23 Stephan Schenk <[hidden email]>
>>
>>> I also had it a long time ago.
>>> You have to change it to /32 in the config file after you gave it a /28
>>> for example and then restart the connection. But then you have to ignore
>>> the web interface for red properties!
>>> My knowledge is of a about 2 years old version.
>>>
>>> Kind regards
>>> Stephan
>>>
>>>
>>>
>>>
>>> Cultrure <[hidden email]> schrieb:
>>>>
>>>>  I'm just trying to follow OVH-hosting instructions
>>>>
>>>> http://help.ovh.ie/BridgeClient
>>>> http://help.ovh.com/IpAlias
>>>>
>>>>
>>>> 2013/7/23 Jonathan Lessa <[hidden email]>
>>>>
>>>>> one subnet / 32 sees only one host, like you would get in touch with
>>>>> your gateway?? I think the minimum for your provider is really a pass / 28
>>>>> for 2 free hosts, the ID and network broadcast.
>>>>>
>>>>>
>>>>> 2013/7/23 Cultrure <[hidden email]>
>>>>>
>>>>>>  Dear all,
>>>>>>
>>>>>> I've posted this issue to
>>>>>> http://www.efwsupport.com/index.php/topic,3745.0.html with no replys
>>>>>> so I'm someone could help me.
>>>>>>
>>>>>> How can I setup /32 subnet(255.255.255.255) to my RED interface. When
>>>>>> using web-ui I get error "The RED IP address or network mask "
>>>>>> 188.165.136.196/255.255.255.255" is not correct.". Highest possible
>>>>>> subnet is /28 that I can setup. I also need this subnet to be set on
>>>>>> IPAliases also.
>>>>>>
>>>>>> I'm not able to find the config file when using SSH-connection.
>>>>>>
>>>>>> /32 subnet is *required* by our hosting provider.
>>>>>>
>>>>>> Thank you.
>>>>>> Timo
>>>>>>
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> See everything from the browser to the database with AppDynamics
>>>>>> Get end-to-end visibility with application monitoring from AppDynamics
>>>>>> Isolate bottlenecks and diagnose root cause in seconds.
>>>>>> Start your free trial of AppDynamics Pro today!
>>>>>>
>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
>>>>>> _______________________________________________
>>>>>> Efw-user mailing list
>>>>>> [hidden email]
>>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Att.:
>>>>> Jonathan Lessa
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> See everything from the browser to the database with AppDynamics
>>>>> Get end-to-end visibility with application monitoring from AppDynamics
>>>>> Isolate bottlenecks and diagnose root cause in seconds.
>>>>> Start your free trial of AppDynamics Pro today!
>>>>>
>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
>>>>> _______________________________________________
>>>>> Efw-user mailing list
>>>>> [hidden email]
>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>>>
>>>>>
>>>> ------------------------------
>>>>
>>>> See everything from the browser to the database with AppDynamics
>>>> Get end-to-end visibility with application monitoring from AppDynamics
>>>>
>>>> Isolate bottlenecks and diagnose root cause in seconds.
>>>> Start your free trial of AppDynamics Pro today!
>>>> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
>>>>
>>>> ------------------------------
>>>>
>>>> Efw-user mailing list
>>>> [hidden email]
>>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>>
>>>>
>>> --
>>> Diese Nachricht wurde von meinem Mobiltelefon mit Kaiten Mail gesendet.
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> See everything from the browser to the database with AppDynamics
>>> Get end-to-end visibility with application monitoring from AppDynamics
>>> Isolate bottlenecks and diagnose root cause in seconds.
>>> Start your free trial of AppDynamics Pro today!
>>>
>>> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
>>> _______________________________________________
>>> Efw-user mailing list
>>> [hidden email]
>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>
>>>
>> ------------------------------
>>
>> See everything from the browser to the database with AppDynamics
>> Get end-to-end visibility with application monitoring from AppDynamics
>> Isolate bottlenecks and diagnose root cause in seconds.
>> Start your free trial of AppDynamics Pro today!
>> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
>>
>> ------------------------------
>>
>> Efw-user mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>
>>
> --
> Diese Nachricht wurde von meinem Mobiltelefon mit Kaiten Mail gesendet.
>
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Efw-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/efw-user
>
>
-------------- next part --------------
An HTML attachment was scrubbed...

------------------------------

Message: 2
Date: Wed, 24 Jul 2013 18:36:12 -0600
From: "compdoc" <[hidden email]>
Subject: [Efw-user] Are EFW appliances any better than the Community
    version?
To: <[hidden email]>
Message-ID: <001001ce88ce$f7156ca0$e54045e0$@hotrodpc.com>
Content-Type: text/plain;    charset="us-ascii"

I have a customer that is interested in a security appliance, and I would
like to suggest an Endian product but their community version is so poorly
maintained and the software like clamAV is so outdated that I'm afraid to
recommend one. Does anyone have any experience with them?

Thanks.




------------------------------

Message: 3
Date: Thu, 25 Jul 2013 08:09:17 -0400
From: Matt Hayes <[hidden email]>
Subject: Re: [Efw-user] Are EFW appliances any better than the
    Community    version?
To: [hidden email], [hidden email]
Message-ID:
    <CAGL1moRsPBv0TN_Vf8rnZmsog-_kCvMK8HxuqqFqMS2A-22=[hidden email]>
Content-Type: text/plain; charset="utf-8"

My company deploys a lot of the Endian hardware-based versions.  They are
quite nice actually.  Tie in to Endian Network, updated software, updated
clamav specifically.  I don't recall what version, but they stay on top of
the commercial version in their appliances much more than they do with
their Community version.

Unfortunately for me, I love Endian, but I think at some point I'm going to
have to say enough is enough and move on to something else that is actually
maintained.

- Matt


On Wed, Jul 24, 2013 at 8:36 PM, compdoc <[hidden email]> wrote:

> I have a customer that is interested in a security appliance, and I would
> like to suggest an Endian product but their community version is so poorly
> maintained and the software like clamAV is so outdated that I'm afraid to
> recommend one. Does anyone have any experience with them?
>
> Thanks.
>
>
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Efw-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/efw-user
>
-------------- next part --------------
An HTML attachment was scrubbed...

------------------------------

Message: 4
Date: Tue, 30 Jul 2013 09:51:50 -0600
From: "compdoc" <[hidden email]>
Subject: Re: [Efw-user] Are EFW appliances any better than the
    Community    version?
To: <[hidden email]>
Message-ID: <001501ce8d3c$b4ad3f10$1e07bd30$@hotrodpc.com>
Content-Type: text/plain; charset="utf-8"

> Unfortunately for me, I love Endian, but I think at some point I'm going to have to say enough is enough and move on to something else that is actually maintained.



I love Endian too and have used it for many years. I have also had customers running happily on it for years. But the threats to security are increasing and I'm afraid of using an outdated product any longer. 



I've been trying a few of the firewalls listed on distrowatch.com, and the only one that has impressed me so far is pfsense. It's clamav is a little behind, (0.97.5) but I've read that the person responsible for maintaining that package does a good job of keeping it up to date, however other packages that interface with it have to be updated at the same time so it doesn?t happen too often. It's gui is surprisingly fast, and there are a large amount of packages/utilities to choose from.



You install the packages individually, which saves resources. (but don?t switch away from the page until the install is complete!) It's openvpn settings are different from EFW, and I have not been able to make it connect to a remote EFW firewall as a client. I had to install openvpn on an Ubuntu server behind the efw firewall. But that has a few benefits like the ability to use a newer version of openvpn, control over its settings, and .



It's nice to have a firewall with a choice of 32bit or 64bit, that has the ability to run well in a virtual machine, that is not abandoned, that uses a more mainstream OS for support reasons, that has packages that can be updated, that has a gui that is well tested, and that has more features I need.



IPFire came close, but I managed to create an openvpn entry that could not be deleted later, and there were other gui anomalies. Vyatta is strictly command line unless you pay a subscription, but I didn?t find this out until after I installed it and enabled the gui. And Untangle would not run in a kvm VM on my server for some reason. (maybe video related)



I think I've found a replacement in pfsense and have switched to it for a few days now. Good luck to all of you.



-------------- next part --------------
An HTML attachment was scrubbed...

------------------------------

------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk

------------------------------

_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user


End of Efw-user Digest, Vol 81, Issue 5
***************************************



------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user