Open source firewall

Nothing beats a standalone quality hardware firewall, except for one that happens to be open source and replicates most of what the big players do for the price of free. If one of one of our customers is looking to filter out traffic or particular websites, look no further than open source community firewall. This all-in-one Linux distro with powerful firewall functionality can be easily deployed onto an aging system that can likewise be turned into the primary firewall of a small business (or mid-size business, if you so wish.)

While this nifty system is quite powerful, it does require some re-architecture of a company’s network, so you will need to plan your downtime and installation path appropriately. A great overview of the layout of a protected network can be found on our installation guide routine. One of the other requirements you will need to be mindful of is that each “logical network” you want to configure within will require an additional network card with patch cord tying back into the physical infrastructure. This may be a challenge for PCs that may have only 1-2 PCI slots that are full. A system best suited for running will likely be a mid-tower to full-tower ATX system due to the hardware requirements.

UTM-Open Source Firewall

We turn an Old PC to powerful open-source Realtime Unified Threat Management

Also available as Virtual Machine

Target: SOHO (Small- / Home-Office)

What you need:

  • Intel x86 compatible (1GHz minimum, Dual-core 2 GHz recommended)
  • 512 MB minimum (1 GB recommended)
  • SCSI, SATA, SAS or IDE disk is required (8GB minimum 20GB recommended)
  • Most common Network Interface Cards are supported including Gigabit and fiber NICs (more than two network card’s needs)

Why do not need:

  • Extra cost for software license (Open source)

Features:

  • Stateful Packet Firewall
  • Demilitarized Zone (DMZ)
  • Intrusion Detection and Prevention (Snort)
  • Multiple WAN (Automatic WAN Uplink Failover)
  • Application Control: the outgoing firewall recognizes and blocks applications (over 160 Protocols including Facebook, Twitter, Skype, WhatsApp and more)
  • Anti-Virus: Anti-Virus available for HTTP, SMTP, FTP and POP3 proxies
  • HTTP Proxy: excellent URL filtering service has been implemented with over 100 million pages recognized and categorized (Transparent Proxy Support)
  • Virtual Private Network: the user interface has been totally rewritten as well as the OpenVPN server backend increasing the throughput. Improved and extended mobile support (Android and iOS). Multiple authentication servers added including Active Directory, Novell, eDirectory as well as any other LDAP implementation. Granular VPN access management for single users and groups
  • Hotspot: Cyclic Tickets and SmartLogin (remembering users), configurable authentication server (external: LDAP, Active Directory, Novell eDirectory, RADIUS.)
  • Reporting and monitoring: brand new reporting dashboard. Detailed and customized reports, live network monitoring powered by ntopng

 

We turn an Old PC to powerful mail filtering gateway .Also available as Virtual Machine

Target: SOHO (Small- / Home-Office)

What you need:

(less than 20'000 msgs/day)

  • Intel x86 compatible (1GHz recommended)
  • 512 MB minimum (1 GB recommended)
  • SCSI, SATA, SAS or IDE disk is required (20GB minimum 60GB recommended)
  • Most common Network Interface Cards are supported including Gigabit

Why do not need:

  • Extra cost for software license (Open source)
Features:
SMTP gateway
  • fully compatible with anySMTP mail server
  • routes mail on a per-domain basis
  • per recipient/host whitelists and blacklists
  • SMTPand LDAP/Active Directory callout for e-mail address validation
Anti-Spam
  • SpamAssassin base ruleset and additional rules
  • Bayesian controls, with auto-learn
  • RBL checks
  • URLRBLs
  • SPF checks
Anti-Virus/Dangerous Content
  • ClamAV scanning engine with automatic updates
  • File type and file name access lists
  • detection of potentially dangerous content
Administration Web GUI
  • access to all users' configurations and quarantine
  • full real-time spam quarantine access
  • full real-time blocked content access (virus and dangerous content)
  • Anti-Spam/Anti-virus/Content protection policy configuration
  • advanced administration access list, so you can delegate light administrative access to other people, such as a hotline for example
  • monitoring of the whole MailCleaner filter farm
  • access to all logs
  • mail queue access and control
User Web GUI
  • Authenticator connectors so your users won't have to remember another credential
    • IMAP/POP3connector (to authenticate against a POP3 or IMAP server)
    • LDAP/ Active Directory (to authenticate against an external LDAP, Exchange/Active Directory or Lotus server)
    • Radius
    • MySQL
    • Local (users' credentials are stored on the MailCleaner server)
    • Tequila (Tequila)
  • Full access to their quarantine, with message release and analysis options
  • per e-mail address configuration options, such as delivery mode (tag, quarantine, drop) and periodic summaries.

 

 

Comments are closed.