Hi all, first post here, from a newbie (but eager learner) in networking. So please speak slowly
Here's my goal : I need to secure a very small business (6 users), in a small-ish office (it is still 2 floors). The most important goal is security. Here are my specs:
- ISP provides 500 Mb internet, so I need to support this
- I need wifi
- I need WPA3 entreprise (or something as secure)
- I need "parental control" (i.e. dns/IP/url filtering), but not based on mac addresses (these are a joke to spoof, and I cannot understand why so many commercial solutions are based on this. but I digress...). It would make sense to me that the "parental control" is based on the authentication method of WPA3 entreprise, but open to whatever works best and is strong.
- I need strong firewall
I will NOT need this
- I will NOT allow any access to the internal network from outside (to increase security)
Nice to have
- antivirus integrated to the network
- I hate recurring payments, so I would prefer a solution where I buy hardware upfront, but then am not locked down with any paying vendor
I currently only have the modem/router provided by the ISP. My budget to purchase additional hardware is up to ~ 500 EUR / 600 USD.
I am naturally attracted to open source solution, mainly because I feel I can never be sure a commercial vendor did not include a backdoor (am I too paranoid?)
So I spent quite some time on the internet to try to educate myself. I have a few questions for whoever is willing to help.
Unified Threat Management Devices seem great to me, when I read their theoretical definition. I do not fully grasp the delimitation between a router that includes, say, a firewall and a UTM. Does OpenWRT installed on a router qualify as a Unified Threat Management Device ?
When searching for open source unified threat management on the internet, I landed on Endian. Can someone knowledgeable about it highlight the high-level differences between Endian and OpenWRT? Which one is more suitable in my case?
Can someone give advice on the high-level setup they would implement in my case. My thinking right now is to set the ISP gateway in bridge mode (effectively the ISP hardware becomes modem only), and buy a OpenWRT compatible router, plug it via ethernet to the ISP modem, and have all the devices connect to that router. Is that the best solution for my requirements?
Any suggestion/comment/partial answer welcome. Thanks a lot!