Update firewall recommendations with available Netgate options

freedomofpress / securedrop-docs

Documentation for the SecureDrop project

https://docs.securedrop.org/

Other

22 stars 26 forks source link

Update firewall recommendations with available Netgate options #349

Closed zenmonkeykstop closed 2 years ago

zenmonkeykstop commented 2 years ago

Describe the change

The docs still recommend the SG-3100, which is end-of-sale.

Current replacement options include the

Netgate SG-6100, which @cfm is using, and the
Netgate SG-4100, which I have available for testing

We should verify the latter and make any necessary changes to add both.

Note that all the currently recommended options would have 4+ NICs, so we could probably remove the instructions for 3-NIC devices which put the Admin Workstation and the App Server on the same subnet.

cfm commented 2 years ago

In 349-all-the-nics as of 762b37ff61c4f76f37f71dc5ce8885f14c18a3ee I've revised the text of the 4-NIC instructions based on my setup of the SG-6100. I'll replace the screenshots later this week and open a pull request for @zenmonkeykstop to test against the SG-4100.