I notice from reading in this forum that the SME server/gateway now got some for me "new" and advanced functions for firewalling.
1. You can block source IP's and also I guess ranges of source ip's by specifying network numbers. (Exsample: 80.202.0.0/16)
http://wiki.contribs.org/SME_Server:Documentation:FAQ#Block_incoming_IP_address2. You can now also controll all outgoing traffic. (Difficult to use well, but should make it possible to build in a lot more "security" in the LAN area.)
http://wiki.contribs.org/SME_Server:Documentation:FAQ#Block_outgoing_ports3. Then it looks like you also can perform gateway virus control of all web content (???!!!):
http://wiki.contribs.org/Dansguardian#ClamAV_supportIf also the third mentioned function actually works, like it should, I think that the SME server/gateway now can do the job of some quite expensive gateways. (Function might be the same but capasity might be some less.)
Have I understood it right that the SME gateway can do gateway virus control for incoming mail and for networking traffic, but not for outgoing mail ? (Or does it ?)
I have tested a few gateways that does such virus control of the datastram, some built on Dansguardian and some built on other technology. What I have seen from other gateways that makes virus control via Dansguardian (but yet not the SME server/gateway) is that making virus control this way, will slow down the internet connection, and your browser and that processor load on the gateway will increase quite much. Virus control of the web content use to be a hard and heavy job to do, that is my impression.
Is it anybody that has tested out this (if I understand it right) opportunity to make virus control of web content via the SME gateway and who can say a few words about how this really work. (Speed, processor load, does it catch the virus, etc.)
It is actually an advanced and quite interesting function and powerful hardware is actually cheap these days.
0 Replies
1041 Views