Topic: What can M0n0 handle?  (Read 1460 times)
« on: May 24, 2008, 22:42:08 »
reefbum *
Posts: 2

I found the M0n0 site while doing a few Google searches for a new firewall solution.
We are currently using SonicWall but the annual sub will be ending next month and we really don't want to keep paying.

Our current bandwidth:
Fiber optic modem from ISP, dedicated 50 Mbps capacity
128 public IPs, /25 subnet - xxx.xxx.xxx.1/25

Current Servers:
2 dedicated web servers - 12 websites each server with public IP each website
each server on ports 80 and 443

2 dedicated mail servers - same as web servers
each server on ports 110, 25

4 dedicated mysql database servers - internal network no need for public access
each server on port 3306

12 dedicated freeradius servers - each with public IP
each server on port 1812, 1813

1 freenas server - public IP for remote employee file sharing
ports 80, 443


From reading the forum here I'm unsure if a single m0n0 system can properly handle the current servers while keeping them all secure from outside attacks.

Any comments will be helpful on recommended setup.
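The inventory above is really a statement of which public address/port pairs must be reachable from the WAN and which (the MySQL boxes on 3306) must not be. The following is an added example, not code from the thread or from m0n0wall: it models that inventory with constructed documentation-range addresses in place of the poster's xxx.xxx.xxx.0/25 block and audits a candidate inbound rule set for both gaps (a required port still blocked) and over-exposure (a pass rule wider than the host needs), assuming first-match evaluation with block as the default.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed addresses in the 203.0.113.0/24 documentation range stand in
# for the poster's xxx.xxx.xxx.0/25 block; roles and ports are from the post.
INVENTORY = {
    # host: (address, ports that must be reachable from the Internet)
    "web1": ("203.0.113.10", {80, 443}),
    "web2": ("203.0.113.11", {80, 443}),
    "mail1": ("203.0.113.20", {25, 110}),
    "mail2": ("203.0.113.21", {25, 110}),
    "radius1": ("203.0.113.30", {1812, 1813}),
    "freenas": ("203.0.113.40", {80, 443}),
    "mysql1": ("192.168.10.1", set()),  # internal only: nothing public
}

@dataclass(frozen=True)
class Rule:
    action: str            # "pass" or "block"
    dst: str               # destination host or CIDR
    port: Optional[int]    # None matches any port

def first_match(rules, addr, port):
    """First-match evaluation; nothing matching means block (default deny)."""
    for r in rules:
        if ip_address(addr) in ip_network(r.dst, strict=False) and r.port in (None, port):
            return r.action
    return "block"

def audit(inventory, rules, probe_ports=(22, 80, 110, 443, 1812, 1813, 3306)):
    """Return (missing, exposed): required ports the rules still block, and
    probe ports the rules would pass although the host does not need them."""
    missing, exposed = [], []
    for host, (addr, wanted) in inventory.items():
        missing += [(host, p) for p in sorted(wanted) if first_match(rules, addr, p) != "pass"]
        exposed += [(host, p) for p in probe_ports
                    if p not in wanted and first_match(rules, addr, p) == "pass"]
    return missing, exposed

# Constructed candidate rule set with two common mistakes: the RADIUS
# accounting port is left out, and the FreeNAS box is opened on every port.
CANDIDATE_RULES = [
    Rule("pass", "203.0.113.10", 80), Rule("pass", "203.0.113.10", 443),
    Rule("pass", "203.0.113.11", 80), Rule("pass", "203.0.113.11", 443),
    Rule("pass", "203.0.113.20", 25), Rule("pass", "203.0.113.20", 110),
    Rule("pass", "203.0.113.21", 25), Rule("pass", "203.0.113.21", 110),
    Rule("pass", "203.0.113.30", 1812),   # 1813 forgotten
    Rule("pass", "203.0.113.40", None),   # any port: too broad
]
```

Calling `audit(INVENTORY, CANDIDATE_RULES)` reports radius1 missing 1813 and freenas exposed on 22, 110, 1812, 1813 and 3306; replacing the any-port rule with explicit 80/443 rules and adding 1813 brings both lists to empty.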




« Reply #1 on: May 24, 2008, 23:13:09 »
knightmb ****
Posts: 341

Quote
I found the M0n0 site while doing a few Google searches for a new firewall solution.
We are currently using SonicWall but the annual sub will be ending next month and we really don't want to keep paying.

Our current bandwidth:
Fiber optic modem from ISP, dedicated 50 Mbps capacity
128 public IPs, /25 subnet - xxx.xxx.xxx.1/25
You'll need good quality NIC cards to handle this, along with a system that has good PCI bus speed (basically anything PII or better should work). RAM-wise, go with at least 128MB of system RAM. Try to find cards that support device polling; that will help the bandwidth throughput greatly.
Quote
Current Servers:
2 dedicated web servers - 12 websites each server with public IP each website
each server on ports 80 and 443
Don't see any issues with that, I've been running 50 websites through mine without issues.
Quote
2 dedicated mail servers - same as web servers
each server on ports 110, 25
Yeah, no problem for those also.
Quote
4 dedicated mysql database servers - internal network no need for public access
each server on port 3306
I'm guessing then m0n0wall would be out of the picture, since that would all be dependent on your internal network setup.
Quote
12 dedicated freeradius servers - each with public IP
each server on port 1812, 1813
Each with a public IP, don't see any issues.
Quote
1 freenas server - public IP for remote employee file sharing
ports 80, 443
Again, public IP to keep things straight, don't foresee any issues.
Quote
From reading the forum here I'm unsure if a single m0n0 system can properly handle the current servers while keeping them all secure from outside attacks.

Any comments will be helpful on recommended setup.

What you are talking about is one heck of a setup for a first timer to m0n0wall. I don't know what you are currently using, but I wouldn't do an entire mega switch-over all at once. The first thing you need to do is find a good system setup. I imagine that since you already manage all of this, you know your way around the PC, so the thing to keep in mind for m0n0wall isn't so much processor power as it is good quality components. You're basically building a machine that will run 24/7 without reboots ever (except for upgrades, that's about it, hehe), so this machine needs redundant power supplies, UPS, good motherboard, RAM, NIC cards, etc. You probably know all of that already, but I would want to stress this as someone who has encountered the evil PC gnomes when you buy cheap hardware.

Another thing to keep in mind is that m0n0wall by default limits you to 30,000 sessions. So while that's a ton of them, if you are running websites that are as busy as Yahoo or Google, you might consider that before you get started. Heck, the 50 websites I run only rack up about 2 to 3 thousand sessions at a time, and I have never even been close to the 30,000 limit, even with my BitTorrent client running 24/7 and set to 10,000 global connections.

With such a large project in mind, know that m0n0wall doesn't support multiple WAN NICs. You have a single WAN NIC that can support as many IP/Range as you need. Now you can add a ton of LAN, and OPT networks (as many as you have PCI slots to put the NIC cards in).

Then you have traffic shaping (my personal favorite), where you must plan out the fairness of your network. Are your web servers going to blast out at full link saturation, or are you going to limit them to something more sane like maybe 3.0 Mbps max upload so that the rest of your network has some room to breathe? m0n0wall's traffic shaping features are very awesome in my experience with traffic shaping hardware due to how flexible and configurable it is (once you get a grasp on all the things it can do, which took me a while).

Really, I could go on and on, but as far as I can tell, without knowing much about how your network layout will be, I think m0n0wall will serve its purpose for you.

Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com