On the smaller scale of UTM appliances

I've always been a fan of UTM appliances to protect networks. (Unified Threat Management). Basically a UTM adds extra features to a basic hardware firewall..so in addition to NAT, you get extra features such as antivirus scanning, deep intrusion detection, content filtering..all done on the appliance itself, not on your computers.

Some readers here may be familiar with my fondness of some free *nix based UTM distros such as Endian, Copfilter (add-on for IPCop), and especially Untangle. But these are often overkill for the typical home user, requiring a dedicated PC to run on.

Some common broadband routers running on the Broadcom chipset support being flashed with alternative firmware such as DD-WRT, Tomato, Hyper-WRT, etc. Popular routers such as the Linksys wrt series, and some Asus models. They add some cool features, increased stability, etc.

I recently came across a firmware that has UTM features for these routers, PacketProtector.
http://www.packetprotector.org/

"Here's what you get-

* a stateful firewall (iptables)
* WPA/WPA2 Enterprise wireless (802.1X and PEAP with FreeRADIUS)
* intrusion prevention (Snort-inline)
* remote access VPN (OpenVPN)
* content filtering/parental controls (DansGuardian)
* web antivirus (DG + ClamAV)
* a local certificate authority (OpenSSL)
* secure management interfaces (SSH and HTTPS)
* advanced firewall scripts for blocking IM and P2P apps
* IP spoofing prevention (Linux rp_filter)
* basic protocol anomaly detection (ipt_unclean)
* anti-phishing (OpenDNS)
* automatic signature/rule updates"

Requires a specific Linksys model, or a few Asus models...those of you which have those models..worth a looksie.
Cool stuff!

 

I bought an ASUS router today (one that works with PP) and am going to give PP a whirl. PP seems like a good open-source UTM method of home network gateway protection.