
Top 10 Open Source Firewalls

With perilous threats from crackers and script kiddies lurking on the network, IT administrators can do no better than to put a firewall in place. A firewall prevents unwanted access to departmental systems while also preventing local systems from attacking systems on other networks. It ensures that traffic entering and leaving the secured LAN reaches the correct applications on the correct computers. We have already covered the top free Windows firewalls. However, there are also cool open source firewalls to take advantage of. An open source firewall not only offers better customization options but also reduces the cost of ownership. After a comprehensive search, we have selected the top 10 open source firewalls.

1. Endian Firewall


This is an open source firewall based on the IPCop Linux firewall. It is one of the most widely used open source firewalls, with comprehensive features. It is almost an open source Universal Threat Management (UTM) device, with a stateful firewall, VPN, web proxy, SIP proxy for VoIP, web security, content filtering, mail gateway, and antivirus, anti-spyware and anti-phishing capabilities.

Some of the crucial features of Endian Firewall include:

 Easy to configure and administer web interface
 Routing and NAT support
 Port forwarding
 NTP client and NTP Server support
 Reporting with system, network and traffic logging
 Remote Syslog server support
 IPsec VPN for site-to-site VPN and remote user support with the Endian VPN client (Windows, Mac OS X, Linux) using OpenVPN
 Mail security for SMTP and POP3 with antivirus, anti-phishing, anti-spyware
 Web proxy supporting HTTP, FTP and DNS bypass
 Spam protection using the Pyzor spam filter
 DNS bypass and Dynamic DNS support
 SIP proxy for VoIP
 Antivirus support provided by ClamAV
 Traffic shaping on the Internet-facing interface for QoS
 Traffic monitoring using ntop
 DNS and DHCP server using dnsmasq
 Zone based Firewalling
 User Management with Windows Domain, LDAP, RADIUS and Samba support
