Tip of the Trade: Pyramid Linux
Shopping for network "appliances", especially mid-to-lower range gear, can easily turn into a full-time job. Netgear, D-Link, Linksys, Cisco, Watchguard, Sonicwall, SnapGear, Netscreen, Multitech, Barracuda, CheckPoint, Symantec, and so forth; with all manner of options and pricing configurations. Your purchasing fun is just beginning when you finally make a selection; then comes the per-user, per-year licenses, plus support. And after all that, what do you get? Mostly, you get poorer. Does Pyramid Linux on small form-factor hardware equal network administrator happiness?
When you need a new network border appliance you owe it to yourself to give serious consideration to the do-it-yourself option. You'll save a lot of money and have complete control, which are always good things when it comes to your network security. There are no shortage of DIY choices in the Free/Open Source software world; today we'll take a look at Pyramid Linux on small form-factor hardware.
Pyramid Linux is designed for embedded wireless devices, but it lends itself quite nicely to ordinary wired networking as well. Based on Ubuntu Breezy, it weighs in under 64 MB. It installs read-only, making it perfect for Compact Flash devices because you don't want unnecessary writes on CF cards.
Pyramid Linux is descended from the wonderful Pebble Linux, which is based on Debian Woody. Pyramid comes with a newer kernel, 2.6.16, the Lighttpd Web server with SSL and PHP support, udev and sysfs, HostAP, a nice Web-based management console, and a bag of other excellent goodies.
Pyramid Linux is distributed by Metrix Communication, which sells wireless networking gear. It bundles Pyramid in customizable hardware kits. You don't have to buy its stuff to get Pyramid Linux; Pyramid is available free of cost to anyone. The original Pebble Linux is still available as well. You're not stuck with the original package but can add anything you want up to the limits of your storage media, which makes Pyramid a nice base for firewalling, intrusion detection, FTP, HTTP, DNS, or DHCP servers, or anything you want. See this Single Board Computer (SBC) Quick Reference Guide to learn more about hardware options.