Firewalls, Routers and ADSL
With broadband access becoming increasingly prevalent at home, it is becoming more common to share internet connection between several users (or PC's) concurrently. Typically the Home Automator will want to take advantage of an "always on" connection to allow remote access to the systems within the home - perhaps via a controller with an integral webserver such as Homeseer or Mister House. In this case, the broadband connection must be ordered as a "non-NAT" connection.
Non-nat connections allocate a routable IP address to the router in the consumers premises which can be accessed externally. Ideally this IP addressed will be a fixed IP address -- it doesn't change over time -- although it is possible to make do with a dynamically allocated address and still provide external access thanks to Dynamic DNS services such as www.dyndns.org, which track changes in the allocated address automatically.
There are a vast number of ADSL providers available. Not all are equal - some impose unrealistic usage caps, others prefer to use an honour based system, and some prohibit the running of "servers" of any description as part of their Terms and Conditions. ADSL guide is a good starting point for researching the current options. After a terrible time with Easynet, I subsequently moved to Andrews & Arnold, who were great - but sadly they saw fit to introduce stringent usage caps. This prompted a move to Eclipse, my current provider.
Once a non-NAT connection to the internet is available, it is essential to install a firewall. Without a firewall, it is just a matter of time before your suffer the inconvenience of being hacked and your systems are compromised. Firewalls are available as dedicated devices (at a price), or can be downloaded and installed on a dedicated PC.
The dedicated PC option is perhaps the most flexible. If space is at a premium, the LinITX firewall PC with IPCop on compact flash is a good choice. IPCop presumes a basic knowledge of networking, but is otherwise simple to adminster through a web based GUI. If space is not an issue, a second hand PC base unit will make a good firewall. Ideally the PC should be capable of booting direct from CD. That way, setting up the firewall is simply a case of burning an IPCop image onto CD, slipping the CD in the tray and reseting the machine.
Personal firewalls are another option that may be worth considering for a small number of PC's on a broadband connection. These vary drastically in quality, with certain products offering almost no protection, and the issues with configuring and administering them are such that it really isn't worth the hassle unless you only have a single PC.
|
