Tags:Linux Opensource Firewall Security
Firewall Builder is an Opensource multi-vendor Firewall Configuration and Management GUI tool. It uses a set of policy compilers for the different firewalls supported. If you are a Network administrator supporting multiple sites and multiple firewall devices then you would know what difference a central Firewall Manager can make to the day to day task. A Netscreen Security Manager for Junipers or the admin tool for checkpoints is an example, despite these being expensive commercial options from the very own vendors. Firewall Builder on the other hand a hetrogenous, vendor neutral configuration and management tool with support to more than one single platform and an easy design allowing expanding support more platforms.
Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can generate configuration file for any supported target firewall platform from the same policy created in its GUI. This provides for both consistent policy management solution for heterogeneous environments and possible migration path.
Firewall Builder uses the same Object database (hosts,networks,services etc) for all the different vendor firewalls in an xml format and any change to any of the object will automatically update the rules on the policy sets and they only need to recompile the policies and apply to the firewall devices. Maintaing the Object Database in XML format and keeping the GUI and policy compilers completely independent makes it easy to expand support new firewall platforms.
In Firewall Builder, administrator works with an abstraction of firewall policy and NAT rules; software effectively "hides" specifics of particular target firewall platform and helps administrator focus on implementation of security policy. Backend software components, or policy compilers, can deduct many parameters of policy rules using information available through network and service objects and therefore generate fairly complex code for the target firewall, thus relieving administrator from having to remember all its details and limitations. Policy compilers can also run sanity checks on firewall rules and make sure typical errors are caught before generated policy is deployed.
Firewall Builder supports
- iptables on Linux (Kernel 2.4 & Kernel 2.6)
- ipfilter on Sun Solaris, FreeBSD and OpenBSD
- ipfw on FreeBSD and MacOS X
- pf on OpenBSD
- CiscoPIX (commercial license)
- Cisco IOS Access Control Lists (commercial license)
- Linksys Firewall running sveasoft and OpenWrt firmware
Firewall Builder can run on
- Redhat Linux, Mandrake Linux 10, Suse 9.1
- FreeBSD 5.3
- MacOS X
- Windows XP SP1 and later
Firewall Builder licensing is a dual-license model where all the opensource modules are available under GPL while the commercial modules are licensed under its own Netcitaadel End User licensing model.
The Firewall Builder software has great documentation and lots of How Tos, installation guides and a good FAQ to support this very good piece of software.
For more information and download, click here to visit the homepage of Firewall Builder.