Content Filtering & Firewall
We're in the market for a new firewall and content filtering solution due to the fact that our content filtering license is coming up for renewal (and we're extremely unimpressed with the features) and the firewall being a complete pain in the behind to use. Currently both are done in the router - and this results in an absolutely hideous UI to manage the device, and doesn't fulfil our needs completely.
What I'm contemplating doing is using a Linux box to do the firewall as I feel comfortable in a 'nix environment. I'm open to suggestions on both this, and the content filtering solution.
From a content filtering / firewall point of view we'd like:
- Filtering by IP (ranges)
- Filtering by MAC address (for computers needing special policies applied)
- Ability to allow only recognised devices access to the outside world (by MAC address)
- Ability to log bandwidth use by device
- Ability to filter based on timeframes (boarders need a different policy in the evening, and at weekends)
- A decent reporting UI
- Ability to set our own HTML for a blocked page to gracefully help the users out
- Ability to blacklist / whitelist custom URLs, and place them in a specific category if needs must.
We're not particularly bothered by things like AD integration (although at the right price would be nice). Ideally we're looking for something that's free to begin with to check it meets our needs, and ideally we'd like most of the cost to happen at the outset of this project. We wouldn't mind paying a one-off 'module' fee for some features we are after, nor a small fee every year but not a crazy renewal.
So - as I'm probably not going to get a chance to use every combination of the firewall / filtering marketplace, are there any combinations that are good, or to be avoided? Any other things to look out for, or products that look good but once used in anger have fallen below what was expected?