My firewall had become too complicated to administer in order to satisfy the new security policies that I implemented on my personal computer network: flow separation, IPS, anti-virus, etc…

So I decided in November-December 2020 to migrate my Gateway to ClearOS, with a classic IPTables firewall, as well as some features to a more advanced firewall. For security reasons, I will not divulge its OS, nor its rules.

However, I was able to set up the separation of flows through several VLANs, with strict rules so as not to allow unwanted communications between VLANs, as well as an IDS/IPS on certain interfaces.

All of the filtering and NAT rules have also been reviewed in order to provide maximum network security.

The VPN has also been reviewed to follow the latest security standards.

This update required about 24 hours of work on the initial configuration, followed by about 1 month of refinement to deactivate the initial permissive rules, replacing them with strict rules, and to configure the IDS/IPS.

Categories: Security