ClearOS

ClearOSClearOS is a network and gateway server distribution derived from RedHat and CentOS. Formerly known as Clark Connect, it is developed and maintained by the Clear Foundation, an IT solutions provider based in Wellington, New Zealand.

Installation: ClearOS is designed to be installed to a hard disk. The installation program is ncurses based and offers two installation modes – Gateway or Standalone. In Standalone mode, ClearOS may be installed with or without the firewall module. Support is available for LVM (ClearOS lacks support for LVM) and software RAID configuration. By default, the installer uses a non-LVM disk partitioning scheme, creating just two partitions – one of about 76 MB for the /boot partition, and the other for the main partition. Ext3 is the only journaling filesystem available.

ClearOS installation modes
ClearOS installer showing the two installation modes.

All of the services provided by ClearOS are packaged in modules. By default, only the Graphical Console module is selected for installation. For the rest, you may choose to install just a few, or all of them. The two images below shows the modules as presented by the installer.

ClearOS modules - page 1
The first page of the modules available for installation on ClearOS
ClearOS modules - page 2
The second page of the modules available for installation on ClearOS

Features and Services: Once installed, ClearOS is remarkably easy to administer via a browser-based interface at the console or remotely (https). The admin interface is very well designed and uncluttered. The following is a short list of some of the features and services that it provides:

  • Local DHCP and DNS services
  • LAN and WAN interface redundancy
  • 1-1 NAT and advanced firewall filtering
  • IPSec, OpenVPN and PPTP VPN
  • Anti-virus, anti-spam and anti-phishing
  • QoS
  • Intrusion prevention and detection
  • Username, IP and MAC address-based time-of-day access control (ACL)
  • Content filtering based on phrase and URL matching, black and white lists
  • NTP client and server
  • Configuration settings backup and restore
  • Software and hardware RAID management
  • SSL certificate management
  • File volume encryption
Related Post:  Ubuntu 11.10 beta 1 screenshot preview

Aside from hardware RAID management and the ability to encrypt file systems, all the other features are available on almost all the distributions in its category. What sets ClearOS apart from virtually all the others is its admin interface. It is, by my assessment, the easiest and the most intuitive to use. Most people will not need a guide or documentation to configure any one of it’s features, and for those that do, there is access to well written online documentations from the admin interface.

ClearOS is free to download, but as a user, the access you have to module updates depends on your subscription level. Those at the Basic (Free) level receive module updates only for the Remote Backup and Restore service and the Dynamic DNS service. All other module updates are available to Standard- and Premium-level subscribers.

Shortcomings: As much as I like this distro’s features and it’s admin interface, there are a few things you should be aware of:

  1. While the admin interface is a joy to use, the installer could be better. All but one of the distributions in the Firewall and Router category listed on this site either have a text-based or ncurses-based installer. I think they all can do better. There is no reason why a modern operating system should be sporting an installer other than a graphical one.
  2. The installer has support for LVM, but the default partitioning scheme does not utilize LVM. I think a system that could be used as a file, database, email and Web server should use an LVM-based partitioning scheme. CentOS, one of the distributions that ClearOS is derived from, uses LVM by default.
  3. During installation, only the root account is created. That is the account that is used to access the admin interface remotely, and also ssh into the system if you have to. Distributions like ClearOS always specify a separate account for access to the Web interface, and reserve the root account for indirect console access. Allowing console and remote root account access has always been a bad idea. It’s even worse in this case, given that ClearOS is a distribution that could be used to protect a network(s)
Related Post:  Pardus 2011 review

Suggestions: Here a few suggestions I have for the team:

  1. At the Basic subscriber level, make all updates free, and impose a restriction on the number of IP addresses that may pass through a ClearOS installation running at the level. This would be something akin to Astaro’s Home User License.
  2. Use an LVM-based disk partitioning scheme by default. LVM is the most flexible tool we have for disk management on a Linux system.
  3. There is an encryption module that you may use to encrypt file systems from the admin interface, but I think the best time to set up file system encryption is during installation. If you are going to implement disk encryption, it is better to encrypt the whole disk in the same manner that Fedora implements it.

Resources: Multi-platform CD iso image of the latest edition of ClearOS Enterprise is available for download here. If you want to take ClearOS for spin without downloading and installing it, try a live demo.

Share:

Share on facebook
Facebook
Share on twitter
Twitter
Share on pinterest
Pinterest
Share on linkedin
LinkedIn

Hola! Did you notice that LinuxBSDos.com no longer run network ads?  Yep, no more ads from the usual suspects that track and annoy you across the Internet. But since I still need to pay to keep the site running, feel free to make a small donation by PayPal or your favorite cryptocurrency.

  • Bitcoin
  • Ethereum
  • Xrp
  • Bitcoin cash
  • Bitcoin sv
  • Litecoin
  • Binance coin
  • Cardano
  • Ethereum classic
Scan to Donate Bitcoin to bc1qzvlte2m224zkayhdc7fdfjkp2rsgt0l5a496ua

Donate Bitcoin to this address

Scan the QR code or copy the address below into your wallet to send some Bitcoin

Scan to Donate Ethereum to 0x0F4362DFF77F3Ba0Dc637F5f3Eba35D09a2fA60C

Donate Ethereum to this address

Scan the QR code or copy the address below into your wallet to send some Ethereum

Scan to Donate Xrp to r4ggjvL36njsMCYTkJ3S7cTHscPsMsSGQv

Donate Xrp to this address

Scan the QR code or copy the address below into your wallet to send some Xrp

Scan to Donate Bitcoin cash to qrs0dedzp9t55af3nfwypydghp29r0xguy9s20fz2k

Donate Bitcoin cash to this address

Scan the QR code or copy the address below into your wallet to send some Bitcoin cash

Scan to Donate Bitcoin sv to 15K9TLyVDBtLuG9cYvXCX9SSkq9C9oUKHK

Donate Bitcoin sv to this address

Scan the QR code or copy the address below into your wallet to send some Bitcoin sv

Scan to Donate Litecoin to LetJ9QQMb7u2LMZ9Tu6rtHwcBcQFW98fbG

Donate Litecoin to this address

Scan the QR code or copy the address below into your wallet to send some Litecoin

Scan to Donate Binance coin to bnb1ga8trq08ssqepd90v6225nzfgy448pu5pw8gxp

Donate Binance coin to this address

Scan the QR code or copy the address below into your wallet to send some Binance coin

Scan to Donate Cardano to addr1qx2354yw49etstfljpdhwja3ajjlt487lg95vu9ngy2q6vu4rf2ga2tjhqknlyzmwa9mrm997h20a7stgectxsg5p5esq5l7d9

Donate Cardano to this address

Scan the QR code or copy the address below into your wallet to send some Cardano

Scan to Donate Ethereum classic to 0xcD6CC972a2297FcafACDcfE042C55C69516a9264

Donate Ethereum classic to this address

Scan the QR code or copy the address below into your wallet to send some Ethereum classic

Subscribe for updates. Trust me, no spam!

Sponsored links

1. Attend Algorithm Conference, a top AI and ML event.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.

Upcoming events

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the latest

On social media
Via my newsletter

Partner links

1. Attend Algorithm Conference, a top AI and ML event for 2021.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.
Hacking, pentesting distributions

Linux Distributions for Hacking

Experts use these Linux distributions for hacking, digital forensics, and pentesting.

Categories
Archives

The authors of these books are confirmed to speak during

Algorithm Conference

T-minus AI

Author was the first chairperson of AI for the U.S. Air Force.

The case for killer robots

Author is the Director of the Center for Natural and Artificial Intelligence.

Why greatness cannot be planned

Author works on AI safety as a Senior Research Scientist at Uber AI Labs.