I'm in love...
I guess I should qualify that statement. I've been working on finding a firewall to deploy to our customers.
Gradually more and more of our customers want or need 2 ADSL lines for fail-over and/or VoIP traffic quality purposes. So the task was to find a robust router that importantly wasn't going to be deprecated or discontinued for a fair while so we could standardise on it. Our problem recently with low end ADSL routers is that we'd find a nice one, then after a few months we wouldn't be able to buy it anymore.
So low cost and sophisticated enough to do :-
- Dual WAN failover - in both directions.
- Ability to chose what traffic leaves which WAN interface. i.e. LAN to WAN/WAN2 control.
- Standard firewall filtering
- NAT and 1-1 NAT
- Port forwarding and port mapping
- Static routes
We bought a Netgear Dual WAN router to investigate the commercial dual WAN routers, as we have had good experiences with their equipment. However on testing it didn't quite do everything I wanted. Particularly be able to choose the exit route of different traffic on our network. It also left me worried that choosing a commercial solution would leave us open to having the product changed or upgraded.
We've been a fan of IPCop's for a long time as we've always found that standard firewall routers have either lacked features or been out of the range of the SME budget. For those customers that have needed a featured firewall we've always used IPCop's. Using an old PC or a new mini-ATX PC and putting IPCop on it has made our lives much nicer in the last 5 years. However IPCop doesn't support dual WAN and there was nothing on the roadmap to suggest it was going to be implemented. The other thing was that being hard drive based, IPCop's are always going to be more prone to failure than an embedded firewall due to the mechanical nature of hard drives. We'd considered putting IPCop on CF-cards, but figured that since they weren't optimised for flash based drives, that the OS would rapidly wear the drive out.
However there is the dual-WAN capable pfsense, and after checking out a virtual appliance and being suitable happy with it, I decided to buy an ALIX embedded PC. This company sells them with m0n0wall or pfsense pre-loaded so I bought 2 for testing and waited for it to arrive.
runPCrun have worked alongside with GPMD for years and even one of our original directors left and joined the company. We regularly share knowledge from our respective spheres with each other with benefits us both. We use them for our hosting and email of our systems and our customers. Frankly we wouldn't trust anyone else.
Extremely talented individuals make up this company, you can't go wrong.
Here are runPCrun we use a lot of equipment - servers, routers, switches, workstations, if it has a plug then chances are we've opened the box, took a good sniff and installed it.
Since we have a large amount of clients it is good sense for us to standardise on what we use to make our life easier. One of the most important thing to standardise is the firewall. Our choice of firewall needs to have the following features:-
Affordable - it would be hard for us to recommend our SOHO clients to spend £1000's on expensive kit - they'd simply refuse. Also, we have seen firewalls that come with features locked unless you pay extra license fees. One firewall we replaced for a new client actually only had room for 3 port forwarding rules!
Flexible - Every client is different. Some clients have multiple internal machines on non standard RDP ports, some have FTP servers with strict IP lists. Once client wanted to block port 25 from all machines except one. The firewall we choose can do all of these and if not, chances are somebody has written an open source module that can be installed.
Easy to Manage - We have seen some firewalls that can require you to go on a course just to add a simple port forwarding rule. Of course, you do need to know what you're doing when working on any firewall but a easy to understand user-interface goes a long way to help. Our firewall has a simple GUI and if you want to get your hands dirty, a full command line interface.
Stable - You need a firewall that measures it's uptime in months and years not hours and minutes. Our choice has been running in some installations for over 5 years without a single problem. Now that is staying power.
The firewall of our choice is IPCOP It's free and it's fantastic!!
We use old P3 based Dell's but for our clients we like to use small mini-ITX based units for increased reliability. These cost approx. £300 + VAT which for our clients is reasonable. We have lost track of the number of times we have taken on a new client and found a complex, over specced firewall in place. Firebrick, Watchguard all good products but a nightmare to manage so they quickly find a new life on ebay or we simply chuck them.
This website is aimed at consumers and is a big hit in the UK for people wanting to save money.
This section of the website is extremely useful for businesses as well as residential as it gives the cheapest dialler numbers for dialing either Internationally or UK numbers - whether geographic numbers or not.
A lot of these services are actually cheaper than Skype and a lot of other VoIP services, so you can save lots of money when used regularly. If your telephone is programmable (or you use a mobile) it's even easier to save.
From what I gather from some of my customers, making choices about what CCTV system you want to install to protect your premises and the after-service you expect to receive can be quite a minefield.
Now having been part of the IT side of installing CCTV in various of my customers locations (installing the CCTV software, configuring web interfaces for use internally and externally etc) I've found a couple of names keep cropping up and recommendations for their use.
I've disguised the names of the customers for their protection. Please note that the words in bold are quoted directly from my customers (with their permission) and are in no way affiliated to runPCrun. The links are direct links to their website and runPCrun gains nothing from these recommendations and they are not affiliated to us in any way, they are for information only.
As always it's always a good idea to get personal advice and recommendations from local people you trust and that have had experience with the kind of products or services you are interested in, and don't just trust some random website you're reading.
Update: Please note the new OSIM UK store, run by Francis Leow of FK Marketing (Company Registration No. 05697926) can be found at http://www.osim.com/UK/ and is not related to this store at Bluewater or the company "Indigo Retail Ltd" (Company Registration No. 04254170 - formerly OSIM (UK) Ltd) - which this article concerns.
I walked into an OSIM UK store in Bluewater on 4th June 2006.(their website - www.osim-health.co.uk went down shortly before this article was written) I'd saved up long and hard to buy one of their OSIM iSymphonic Massage chairs. I fell in love with these chairs in Singapore 5 years ago and I've been saving up for one over the last year to get one. This chair is -in my opinion- the best massage chair available. It measures you then massages your neck, back and legs and simply turns you into a floppy mess 15 minutes later!