Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Open Source FW recommendation

Posted on 2004-10-14
4
Medium Priority
?
194 Views
Last Modified: 2010-04-09
Hi,

I am looking for an open source FW with IDS support built in. Will be installed on a Solaris 9 machine. Would be nice to have the options to add other modules (load balancing for example)- but not a must. The main criterion is that it should be recommended by actual users for-
1. Performance and reliability.
2. Ease if use.


Thank you
0
Comment
Question by:bobwood2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 23

Accepted Solution

by:
Tim Holman earned 1080 total points
ID: 12306579
iptables and snort.
0
 

Author Comment

by:bobwood2000
ID: 12310631
Are there any features that iptables does not have, which would be helpful for protecting a popular web server?
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 12311109
Not really.  I would also take a look at Smoothwall:

http://www.smoothwall.org/

It's more like an iptables 'GUI'.

To protect a web server, you need a firewall that blocks everything bar port 80, and statefully inspects the port 80 session.  ALL firewalls do this.

To extend your depth of protection, you'll need to add patch management, anti-virus and host IPS to ensure your web server remains protected.

For free, your enterprise options are limited.  You usually need to pay for stuff like load balancing.
0
 

Author Comment

by:bobwood2000
ID: 12344324
Problem solved. Thanks.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question