Bare Metal UTM, Using Squid and SquidGuard.

UTM (Unified Threat Management)

In simple words, a UTM is a special hardware firewall. A firewall can only filter traffic based on IP address. But that's not how things work in the latest networks; we need to secure the web. I have tried to demonstrate a few features of a UTM using Squid and SquidGuard.

Features demonstrated:

1) Proxy (reverse proxy)
2) URL blocking
3) Bandwidth limitation
4) Routing
5) Antivirus (used ClamAV)
6) Firewall (used iptables when required)

Squid: the well-known open source proxy. I have made use of it as a reverse proxy (you can find the conf in the above link). A transparent proxy was configured, and UTM features like bandwidth limitation, proxy, and network isolation were achieved using Squid.

I did try URL blocking using Squid, but I was not successful. I am still trying to figure out what the reason was.

SquidGuard: I used this specifically for URL blocking. A ready-made list of famous sites to be blocked by any UTM is available on the Internet (I forgot the link; if I get the link I will post it here). We compile the database based on the categories available. In my conf file I have shown how to block the Porn category.

IDS & IPS: To achieve this I had used Snort, but I was not successful. Configuring it takes a lot of time, which I am really running short of now.

Network: I had used one plain Ubuntu box to make it into a UTM. I attached two LAN cards, one for the external network and one for the internal. Routing was enabled using iptables. The transparent proxy was for the internal network to access the Internet, and all the policy was implemented on it.
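The gateway layout described above (two LAN cards, routing through iptables, transparent proxy for the internal network) can be written as one ruleset; this is an added example, not the author's own configuration. The interface names `eth0`/`eth1`, the Squid port 3129 and the file name `gateway.sh` are assumptions.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a two-NIC Squid gateway.
# Assumptions (not from the post): eth0 = external NIC, eth1 = internal NIC,
# and squid.conf contains "http_port 3129 intercept".

valid_if() {   # allow only plain interface names so nothing odd lands in a rule
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
}

valid_port() {  # digits only, 1..65535
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

gen_rules() {   # usage: gen_rules EXT_IF INT_IF SQUID_PORT
    ext=$1; int=$2; port=$3
    if ! valid_if "$ext" || ! valid_if "$int" || [ "$ext" = "$int" ]; then
        echo "gen_rules: need two distinct interface names" >&2; return 1
    fi
    valid_port "$port" || { echo "gen_rules: bad port" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Plain HTTP from internal clients is redirected into Squid (transparent proxy)
-A PREROUTING -i $int -p tcp --dport 80 -j REDIRECT --to-ports $port
# Traffic leaving through the external NIC is source-NATed
-A POSTROUTING -o $ext -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# The intercept port must not be reachable from the external side
-A INPUT -i $ext -p tcp --dport $port -j DROP
# Forward inside -> outside, and only replies in the other direction
-A FORWARD -i $int -o $ext -j ACCEPT
-A FORWARD -i $ext -o $int -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Apply as root, with forwarding on (sysctl -w net.ipv4.ip_forward=1);
# gateway.sh is a placeholder name for this file:
#   sh gateway.sh eth0 eth1 3129 | iptables-restore
if [ "$#" -eq 3 ]; then gen_rules "$@"; fi
```

Only port 80 is redirected here; HTTPS from the internal network is simply forwarded and NATed, so it does not pass through Squid's URL filtering.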

Caching: One of the main features of Squid. I was running a web server on my UTM gateway. Even when the web server was off, Squid used to render the page; it was a successful reverse proxy and caching was also enabled.

**************************************************

This is the conf file of Squid which I used to create my UTM: Squid.conf

This is the conf file of SquidGuard which I used for URL blocking: squid_Guard_conf

===============================

NOTE: I am still writing this post. I will try to complete it shortly, as my free time allows.

===============================
