What can come among the top 5 open source firewalls? Yes, this I was thinking of! Of course, there are lots of services and ready use os available. Deciding to deploy any firewall can be difficult. Why difficult? Well, the reason is simple, we never know what consequences will be there while not taking care of security. From the very beginning of the Linux era, things started with Squid, where Administrators were supposed to manage everything manually. I remember still, how we were supposed to get install service with RPM manually. How all ACLs, IP address ranges were supposed to take care of very precisely. Getting access to logs, reports was altogether a tedious job. Applying IPTable to provide extra layer security made Linux admins feel like some sort of saviors.
Anyway, now things are better (of course!). Sometimes organizations don’t want to invest much in IT Infra or cyber security. But, still, they want to keep their stuffed secure and internet run with good speed. In such cases some of the freely available utilises can help. Based upon my previous experiences I will try to share a list of freely available firewalls that can help you at least to start with.
1. Endian Firewall
Endian is one of the most popular open-source firewalls. Both community and enterprise versions are available.
ISO image can be downloaded which converts any ordinary hardware in UTM.
- Open source Liense (GPL).
- Support dynamic DNS for configuration.
- Network Security.
- Web Security.
- Mail Security with Anti spamming features.
- Remote access with remote authentication system.
- Feautres linke NAT Routing Bridging are available.
- Web admin portal for managing users.
- Updates and systems access available.
Pros and Cons
Though rich community support is available no official support for the Free version. A decent hardware configuration with a 02 LAN card is required. Lower configurations can make end-user internet slower.
A FreeBSD-based Firewall. The legendary firewall is used across the globe with equal popularity. It’s a free and highly customizable derivative. The UTM comes with a long list of features like:
- The most lightweight firewall.
- Features like IP Blocking, Connection limit, time based rules make this unique.
- NATing can be done to run various web and other services across the internet.
- Routing features based on port numbers, protocols traffic type can make Network smooth and secure.
- Attack prevension features IDS/IPS/DPI available.
- Network snanning with Snort.
- VPN support for secures resource access across the internet.
- DNS forwarding, DHCP, DDNS services comes as default futures of the firewall.
- Captive portal based authetication make user environment secure.
- Logs and reports get generated for time to time resource monitoring.
Pros and Cons
The firewall is highly complicated to configure. Managing pfSense required a level of experience to manage and configure desired futures. But, the firewall is highly lightweight and rich-featured. There is no such thing that can not be deployed and achieved in terms of any typical UTM.
The very straightforward Debian-based firewall. A quick install and can few click deployable server. Both paid and free versions are available for the firewall. Key features can be considered as:
- DNS and DHCP services.
- Intrusion detection system.
- Virus and common attacked can be blocked with free version.
- Rick featured phish block possible even with free version.
- Captive portal based authentication.
- Application control like audio, video, exe access can be managed.
- Free VPN avaible for secured resource access providence.
- Downlodable pdf reports.
Pros and Cons
A very low resource consumption runs well even with old hardware. Only limited features are available with the free version of Untangle.
The OpenPNsense firewall and routing platform is open source, easy-to-use, and easy-to-build FreeBSD based. There are many features in OPNsense that are available in commercial firewalls, and often more. By combining the benefits of open and verifiable sources with the rich features of commercial solutions, it offers a powerful combination.
- Load balancing and traffic shaping.
- Two factor authentucaion for extra layer of securtiy.
- DNS, DHCP and DNS forwarder.
- Intrusion detection and preventions.
- Captive portal for centralized authentications.
- Open Source and free VPN services.
- Builtin RRD Graphs and other graphic utility for network monitoring.
Pros and Cons.
A free but secured firewall.A very easy to very UTM service. Very rich documentation is available for day-to-day troubleshooting. High server configuration is recommended to keep resource access at a good speed.
Last, but not least UTM service. In fact, this firewall is my personal favorite. I have used that OS in a real-time environment. Both paid and community versions of the Server are available. Let’s have a quick review of the features:
- VPN Server.
- Mail Server.
- DHCP and DNS Services.
- File Server.
- Captive Portal.
- Rick IDM system.
- User authenticaiton and management.
- Email Clients and chat server available.
- Multiple WAN connection support.
Pros and Cons
Rick configuration server is required. At least mid-level Sys Admin is required to manage the server. The Server is more then just a firewall, so plan your requirements that can be fulfilled with Zentyal in addition to firewall utility.
There is a long list of Firewall OS available in the market. Yet, er tried to list the popular one. Each of the mentioned UTM has its own limitations in terms of free availability. But, some firewalls like PFSense and Zentyal still provide an experience of any commercial and paid UTM services. But, Administrators are required to do all testings and fill gaps before making the network live with these firewalls. Stay tuned for the next article.