Security on a shoestring budget

With the right mix of open-source tools, protecting your PCs and your network doesn’t have to break your bottom line.

By Tony Bradley, PC World |  Security, firewall, Freeware

For many, security is like going to the dentist--you have to deal with it, but that doesn't mean you have to go willingly, or like it once you get there. One of the main problems with IT security, though, comes down to money. While new servers or PCs can be justified as an investment, security is seen simply as an expense and a headache. But, what if you could protect your network and your PCs without breaking the bank?

[ See also: Free antivirus software: The best and the rest ]

Well, General Motors and JP Morgan Chase Bank may not be able to do it on the cheap, for obvious reasons, but small and medium businesses--as well as individuals--have a variety of open-source tools and free software available to keep PCs and networks safe on a shoestring budget.

Protect the Perimeter

A firewall is a de facto requirement for any network security implementation. The firewall is the gatekeeper of the network--blocking unauthorized traffic from entering your internal network, and restricting the flow of traffic in and out of your network based on the rules you establish. Think of it as locking down the "perimeter" of your home or office network.

Brush the dust off of that old Pentium desktop you shoved in the closet and put it good use--it can house your firewall software. SmoothWall Express is a Linux-based open-source firewall delivering advanced features and perimeter protection capable of running on any Pentium-class PC with at least 128MB of RAM.

Smoothwall Express was designed to be simple enough to be installed by an average home user with no Linux experience, to run efficiently on seemingly obsolete hardware by today's PC standards, and to provide intuitive management and configuration through a browser-based console.

Smoothwall Express supports local networks, wireless networks, and what IT pros call DMZs (demilitarized zones). It performs all of the basic firewall functionality one would expect--port forwarding, outbound filtering, blocking bad IP addresses--and also delivers quality-of-service (QoS) features and network traffic statistics that can be broken down per network interface or per IP address.

Watch the Network

Filtering the traffic that is allowed into or out of the network at the perimeter is one thing, but you should also be monitoring the traffic flowing through the internal network for signs of suspicious or malicious activity. An intrusion detection or intrusion prevention system (IDS/IPS) will do the trick, and--when it comes to IDS--Snort basically wrote the book.


Originally published on PC World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness