Hardware firewalls and routers for home developer and IT

[saintsfan0990]

I have been studying computer technolodgy for many years. It is first and foremost my favorite activity. I want to venture into the world of security and networking. I am running several services on my home pc for multiple reasons. I am working on a few dev apps and other things and also want to run a full time server to support those activities, from the comfort of my home. I will most likely need to employ a technolodgy such as free dns since my IP provider only provides dynamic IP addresses and they cycle monthly. However, I want to keep my activities safe. I currently live in a shared building with a coaxial drop for what I believe is broadband. I plug my C3700-100NAS directly into my coaxial drop and connect to the internet. The cable company here also provides boxes but I choose to use my own because I am familiar with the features. However, I feel I am begining to outgrow its features. I am heavily studied in IT and understand the idea behind ports, mac address and IP addresses. My router already have some pretty nifty features such as port blocking/fowarding, a very basic activity log but only keeps up to the last 100 or so messages which is no good for me because I need to be able to log and store data over a long period of time in order to conduct analytics, some other features such as sticky mac and remote management, and I think you get the gist. Truth is that the router it's self is fairly decent, but I would like something preferably with shell access, multiple account access so I can issue accounts with restricted privledges to utlize tools such as remote management, network instrusion detection features, and advanced logging features so I can keep a record of all the data that comes and and leaves through my coaxial. It would be a plus if it also had a nicer user interface than that of my netgear router because even though it is sufficient it is not customizable and I am looking for something more feature rich. Any suggestions on a piece of hardware I could use?

 

[velocityg4]

Build your own router. Use PFSense to make your own Enterprise grade router then place a switch and access points behind it. For much less than high end off the shelf parts. You can research it and find out it's feature set. I suppose you could use some WiFi cards to also create your own access point.

https://www.pfsense.org/

 

[failboat]

If you are building out a virtualized server you can install pfsense on it.

 

[saintsfan0990]

Build your own router. Use PFSense to make your own Enterprise grade router then place a switch and access points behind it. For much less than high end off the shelf parts. You can research it and find out it's feature set. I suppose you could use some WiFi cards to also create your own access point.

https://www.pfsense.org/

I looked this up and found the most common method is to install pfSense on a pc with atleast 2 ethernet ports available and then hooking up a switch for your devices on the lan port and plugging into your modem on the wan port. But wouldn't this leave your modem still exposed to threats?

 

[saintsfan0990]

If you are building out a virtualized server you can install pfsense on it.

I don't plan on virtualizing any server. But good idea, I could do that.

 

[806chau]

But wouldn't this leave your modem still exposed to threats?

Let them. The modem really doesn't do anything other than convert signals, there are only a few changeable parameters there. If per chance "they" get into your modem, then what, still can't get to your clients, your NAS blah-blah 'cuz the firewall is blocking them.

 

[CloudGuy1105]

If you want a secure router and firewall combo I would suggest an MX 64 if you watch a webinar you can get it for free along with an MS220 switch and a MH33 wap that's WAVE 2. All for free just attend the webinar.

You get three year licenses with all the hardware. The firewall will have full IPS and Advanced Malware Protection.

https://meraki.cisco.com/webinars

 

[CloudGuy1105]

As for a server I would suggest a UCS C220 M5 if you use the LFF version I believe you can for 12 12tb drives in it along with 2 Ssd's for OS.

 

[CloudGuy1105]

I'm stand corrected it's actually 48tb with the C220 it would be 144tb with a 240. It's 2rus instead of 1u allows for 8 more 3.5 inch disks.

However you can bring up to 77tb with 5 NVME slots on the 220.