Software Firewall

What would you recommend as the best software based firewall for enterprise solutions? Like so much like iptables but more web interface, fully manageable.

ipcops.com comes to mind but seems to be more soho type, anything out there enterprise grade?

 

If you are looking at an enterprise solution, you might want to check out http://www.untangle.com/

I have not had a chance to try their offerings, but their concept looks very interesting . . . and easy to configure.

 

It all depends on your needs.
What network are you planning to protect?
Where do you plan to deploy it?
Please elaborate if you can.

For an enterprise level firewall, i would consider using checkpoint firewalls. Definitely not free, but good value for your money.

 

> What network are you planning to protect?

Financial services network.

> Where do you plan to deploy it?

I assume you mean internal or external, it's for internet use.

Thanks for the checkpoint reference, good start. Yes, looking for software, I find it's a much better choice, after all, even hardware based solutions are just software on a box.

 

Here are a few firewalls i can recommend, most are hardware:
Checkpoint running on Secure Platform OS - Software
Checkpoint UTM - an all in one hardware solution (firewall, antivirus...) - This is actually Crossbeam hardware
Fortigate - Hardware all in one (IPS, Antivirus, Firewall, SSL VPN...)
Nokia - Hardware Running checkpoint software
Juniper (netscreen) has great solutions in this field.

Personally i cant recommend cisco firewalls.

Are you planning to protect servers or users, or both?

 

These are all servers. Thanks, I'll check into it but not interested in hardware, only software.

Idea, what's wrong with running a linux based firewall with snort? Wouldn't that have the same end result?

 

well CSF is another firewall which can be managed through web interface , but we recommed using apf , eventhough it is not manageable through web interface.

but it provide better solution than any other.

Regards,

Arun K
-------------------
http://www.eukvps.com
Cheap & Reliable VPS Hosting

 

This was a long answer i had, so i just wrote it on my new blog.
I hope this will help show my views on this matter.

Linux Firewall VS Commercial Firewalls

 

My topics are article worthy, that's pretty cool, thanks

 

Try BlackICE server from ISS.

Its a software firewall and is very easy to implement and manage.

The gui is very nice and informative.

 

Thanks but I am looking for more enterprise level options. Testing IPCop now. Going to try that. The only problem appears that it needs to be installed locally so trying to find ways around that.

Thanks all.

 

Just to report back to everyone,

IPCop 1.4.14 + Copfilter 8.4 beta is a great combination.

The only challenge of course is because it has to be installed at the console, might not be able to use for remote locations but anyone considering a very good firewall + ids + traffic filter should consider this great open source combination IMO.