Performance and Conclusions
As I mentioned earlier, since Smoothwall is based on Linux, performance is quite high, even on low-end systems. Some resource-intensive features like the web proxy service and maybe VPN performance may be limited by your hard disk and processor, but the real work of moving network packets around can be handled quite easily by just about any old box. To measure network throughput, I installed Smoothwall Express 2.0 on a PII 400MHz system with 256M of memory and connected a PII 333MHz box with 256M of memory (the "endpoint" system) to the "orange" network. From my desktop on the "green" network, a P4 2.6GHz system with 512M of memory (the "test" system), I launched several tests across the Smoothwall box to the system on the "orange" network. Here are my results:
With the "endpoint" running Windows 2000 Pro and the "test" system running Windows XP Home, using the QCheck utility, I measured TCP throughput at 93.023 Mbps using 1000kByte data size and I measured UDP throughput at 27.778 Mbps using 1000kByte data size. With "endpoint" and "test" both running Mandrake Linux 10.1 Official, using the IPerf utility, I measured TCP throughput at 93.6 Mbps using a 16kByte TCP window size. As I've mentioned in earlier articles, the practical limits of 100Base-TX Ethernet are generally considered to be somewhere between 60 and 95 percent of the 100Mbps theoretical limit, so these results are definitely towards the high end. What this means is that the limiting factor here, at least when it comes to raw network throughput, is definitely not the software.
Smoothwall Express 2.0 is a great firewall system right out of the box that will work well and provide more features than many users will ever need. The system is easy to install and configure, and the online help system will benefit nearly everyone. Advanced users or complex environments however, may require something with a little more flexibility.
Since I recently reviewed ClarkConnect - another free Open Source firewall - I thought I'd offer a few points of comparison. The biggest difference between the two is that Smoothwall is designed to be a dedicated firewall only, while ClarkConnect can be a firewall, a server, or both. On the other hand, both distros are alike in that they are designed to be administered from a web based configuration utility.
But I think Smoothwall's web interface is a little better laid out and easier to navigate than ClarkConnect's. And I found Smoothwall's online help system to be more helpful and complete than Clarkconnect's method of putting general descriptions alongside configuration options. In the end, both distros are reliable and will get the job done, while at the same time being easy for almost anyone to get up and running.