Top 5 open source FirewallBy Partho, Gaea News Network
Monday, October 12, 2009
With perilous threats from crackers and script kiddes lurking in the network, IT administrators could do no better than placing a firewall protection. Firewall prevents unwanted access to departmental systems while preventing local systems from attacking systems on the other network. It ensure that the traffic entering and leaving the secured LAN is accessing the correct applications on the correct computers. We had already done with the top free Windows firewall. However, there are cool open source firewall to take advantage of. Open source firewall not only offers better customization options, but also reduces the cost of ownership. After an comprehensive search we assorted the top 5 open source firewall.
1. Endian Firewall
This is an open source firewall based on the IPCop Linux Firewall. It is one of the most widely used open source firewall with comprehensive features. It is almost an opensource Universal threat Management (UTM) device with a Stateful firewall, VPN, Webproxy, SIP proxy for VoIP, Web Security, Content Filtering, Mail gateway and Antivirus, Anti-spyware and Anti-phishing capabilities..
Some of the crucial features of Endian Firewall include
- Easy to configure and administer web interface
- Routing and NAT support
- Port forwarding
- NTP client and NTP Server support
- Reporting with system, network and traffic logging
- Remote Sysol server support
- IPSec VPN for site to site VPN and remote users support with Endian VPN client (Windows, MacOSX, Linux)using OpenVPN
- Mail security for SMTP and POP3 with Antivirus,Anti-Phishing, Anti-spyware
- Webproxy supporting HTTP,FTP and DNS bypass
- SPAM protection using pyzor Spam filter
- DNS bypass and Dynamic DNS support
- SIP proxy for VoIP
- Antivirus support provided by ClamAV
- Traffic Shapping on the Internet facing interface for QoS
- Traffic Monitoring using nTop
- DNS and DHCP server using dnsmasq
- Zone based Firewalling
- User Management with Windows Domain, LDAP, RADIUS and Samba support
SmoothWall is a free open source GNU/Linux firewall that offers high-security features. It is designed to fit minimal hardware and small footprint. SmoothWall is managed via integrated web interface. It works on almost any Pentium class computer with at least 128MB of RAM and a hard disk with a capacity of 2GB or greater. The firewall is managed via an integrated web interface. Users can configure the network interfaces according to their needs. in addition, some other items that can be configured include web proxy, ISDN configuration, ASDL configuration and DHCP configuration.
NetDefender is a free Firewall with source code that can be downloaded along with firewall executable. Netdefender’s firewalls and IP Filters allows the system administrators to restrict intrusion by limiting the inbound and outbound traffic via policies. Netdefender can only run on an OS higher than windows 2000 (i.e. Win 2000, Win Xp). The firewall has been written in VC++ 7.1 (Visual Studio 2003) using MFC , Windows API, Filter Hook Driver (Provided with Windows 2000).
NetDefender offers an easy to use interface.
Some of the key features in the Firewall include
- User might Block or Allow all the traffic with just one mouse click
- It is a packet filtering Firewall
- As per the security requirements custom rules can be added to this firewall
- Rules can be set based on the source and destination IP, source and destination Port number and on Protocol used (IP,TCP,ICMP)
- Already added rules in modified by the user
- An additional port scanner is provided that allows scanning of the system for open ports
- It provides the list of applications that can be connected to outside network
For Linux users Firestarter is an open source software. It enables internet connection sharing. It allows users to define both inbound and outbound access policy. It offers realtime firewall events view that shows intrusion attempts as they happen. It secures active network connections and helps to manage them through the firewall. Firestarter’s important features include
- An easy to use graphical interface
- Can be used on desktops, servers and gateways
- Stops Denial of Service (DoS) attacks by tuning for ICMP parameters
- Easy configuring options for Open or stealth ports
- View active network connection that include traffic routed through the firewall
- Advanced Linux kernel tuning features to protect from flooding, spoofing and broadcasting
- Support for Linux Kernels 2.4 and 2.6
- Support for tuning ToS parameters to improve services for connected client computers
This open source firewall software combines the power of netfilter/IP tables. It is shaped for complex scenarios appropriate for enterprise solutions such as a Cisco PIX box. It is not just a script, but a language that produces firewall rules. The project focuses on simplification, ease-of-use, flexibility and security. One of the unique features of FireHol is that only one file is required for the entire system and that even without any compilation. Configuration files are easy to understand and allows users to create firewalls fast and easy. FireHol ensures full security by creating rules for both directions of firewall.
Tags: Linux Firewall, Open Source, open source firewall, Windows firewall