Many self-motivated networking professionals experiment with scratch-building or improvising network gateway and perimeter devices to act as routers, firewalls, intrusion detection and prevention systems, and more. If they are ambitious, they may add custom-built or site-specific configurations and equip these devices to filter content, prioritize packets or shape network traffic. Windows Server can serve as a basis for turning a mild-mannered desktop machine into a network appliance, but Windows cannot be whittled down or reworked as easily as Linux or UNIX. Either way, it is not unusual to see such customized, battle-ready routing equipment pressed into makeshift security roles, whether to replace a costlier product with equivalent functionality or to fill a gap where no equivalent unit exists in market-ready form.
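As an added example that is not part of the original article, the following shell script shows the core of the Linux gateway the paragraph alludes to: a stateful nftables ruleset with default-deny forwarding and NAT for the LAN, plus a simple tc rate cap. The interface names (eth0/eth1), the LAN subnet and the shaping rate are assumptions for a hypothetical two-NIC box; the functions only emit and apply configuration and are not taken from any product mentioned on this page.

```shell
#!/bin/sh
# Added example (not from the original article): a minimal Linux gateway
# of the kind the text describes. All names below are assumptions for a
# hypothetical two-NIC machine; override them via the environment.
WAN_IF="${WAN_IF:-eth0}"                 # assumed Internet-facing interface
LAN_IF="${LAN_IF:-eth1}"                 # assumed LAN-facing interface
LAN_NET="${LAN_NET:-192.168.10.0/24}"    # assumed LAN subnet
SHAPE_RATE="${SHAPE_RATE:-20mbit}"       # assumed cap for traffic toward the LAN

# Emit an nftables ruleset: stateful filtering on the box itself, default-deny
# forwarding that only lets the LAN out to the WAN, and masquerading so the
# LAN can share the WAN address. Printing (rather than applying) lets the
# ruleset be reviewed or diffed before it touches a live gateway.
gateway_ruleset() {
  cat <<EOF
flush ruleset
table inet gw {
  chain input {
    type filter hook input priority 0; policy drop;
    ct state established,related accept
    ct state invalid drop
    iif lo accept
    iif "$LAN_IF" tcp dport 22 accept
    icmp type echo-request limit rate 5/second accept
  }
  chain forward {
    type filter hook forward priority 0; policy drop;
    ct state established,related accept
    ct state invalid drop
    iif "$LAN_IF" oif "$WAN_IF" ip saddr $LAN_NET accept
  }
}
table ip nat {
  chain postrouting {
    type nat hook postrouting priority 100;
    oif "$WAN_IF" ip saddr $LAN_NET masquerade
  }
}
EOF
}

# Apply the gateway: enable IPv4 forwarding, load the ruleset atomically with
# nft -f, and cap bandwidth flowing toward the LAN with a single HTB class
# (plain rate shaping; per-class prioritization would add filters on top).
# Requires root and the nft/tc binaries, so it is only invoked on request.
apply_gateway() {
  sysctl -w net.ipv4.ip_forward=1
  gateway_ruleset | nft -f -
  tc qdisc replace dev "$LAN_IF" root handle 1: htb default 10
  tc class replace dev "$LAN_IF" parent 1: classid 1:10 htb \
    rate "$SHAPE_RATE" ceil "$SHAPE_RATE"
}

# Usage: ./gateway.sh          -> print the ruleset for review
#        sudo ./gateway.sh apply  -> enable forwarding, load rules, shape LAN
if [ "$1" = "apply" ]; then
  apply_gateway
else
  gateway_ruleset
fi
```

The input chain exposes SSH only on the LAN side, which is the minimum a home-built appliance should do; management reachable from the WAN interface is the usual mistake on improvised gateways.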
When building commercial security appliances, most vendors aim for unified threat management solutions that provide at least some degree of self-supervision, support automated maintenance and pack as much functionality as possible into a compact, practical working environment. Yoggie Security Systems has turned this quest into a usable, marketable platform that is also something of a technology tour de force. Today, commercial threat management appliances handle all kinds of tasks and are often built around small microprocessor designs with small hardware footprints. Many of these designs also center on specially modified Linux installations, which should come as no big surprise.
Typical routing appliances use processors in the 200 to 500 MHz range for general applications, which is usually sufficient for network environments of up to 30 nodes or so. A crafty designer can incorporate all sorts of fanciful features into such a working environment, including anti-virus and anti-malware scanning, but it takes a competent and knowledgeable integrator to make all these parts work together cohesively. Relying on a standalone Internet appliance also means that effective coverage exists only inside the perimeter of the network the appliance serves, which leaves roaming employees on mobile platforms exposed to scanning, attack and possible compromise whenever they are off that network.