Open-Source All-in-One Security Solutions (Part 1)

Today we can find different Linux distributions for protecting network infrastructure. Most of them are based on open-source software and provide solid protection against viruses and network attacks, and even spam filtering. But selecting the perfect solution can take more time than implementing it, so this post aims to give a clear view of the different solutions.

The first multifunctional firewall on the list is Untangle. Untangle protects network users from malicious incoming Internet threats such as viruses, spyware, hackers, identity thieves and more. This solution can be used for small and medium-sized networks (up to 300 hosts). Untangle is based on Debian, and the administration web dashboard is written in Java, which requires high system performance.

On the firewall you can install 23 applications, 14 of which are free. They provide antivirus/anti-phishing, routing, spyware protection, protocol analysis for seven layers, web content filtering, VPN connections and many other features. These functions are built on popular open-source solutions such as Snort, ClamAV, SpamAssassin, Squid, etc. To prevent low-level DoS attacks there is a module called “Attack Blocker”, which is integrated into the firewall. The protocol analyzer module gives administrators the ability to stop any application-layer protocol, such as peer-to-peer and IM, even if it uses non-standard ports.

The free report module gives admins the visibility and data necessary to investigate security incidents and enforce acceptable network usage policies; monitor behavior at the user, host, email and incident level; and understand traffic flows and network usage patterns. Incident information is fully exportable in CSV, PDF or HTML formats.

The current version is Untangle 7.0.2 and the implementation is pretty easy and fast.

Next we can try Endian Firewall, which is based on CentOS and includes a full set of protection measures against external threats. Endian 2.3 UTM (Unified Threat Management) includes a stateful packet inspection firewall (Netfilter), IDS/IPS (Snort), an HTTP/FTP/POP3/SMTP AV scanner, spam protection and an anti-phishing/anti-spoofing module. Endian lets the admin define filtering and routing policies as needed, by group, user, IP address and time, with 20 ready-to-use categories.

Endian supports Active Directory, LDAP and RADIUS, can manage VLANs, and supports SNMP. Two applications are available for creating VPNs: OpenVPN, and Openswan for IPsec implementation on Linux.

After installation you can take an encrypted backup of the complete configuration directly from the system and save it wherever you like (USB, DVD, etc.).

This is the first part; selecting the right solution depends on the network's needs and architecture. Secure computing is very important, and defending your network starts from here.
