Can Linux be use as an alternative to checkpoint firewall?
Hi Gurus,
I have very little experience with Linux. We have a challenge to seek an alternative to our costly checkpoint firewall and I'm wondering if it is possible to configure a Linux server to serve as a firewall. If it's possible, what distro should I go for? My company's standard is RedHat and it would be great if RedHat can be used. Thanks! |
In linux iptables can be used as a firewall. But it can't replace checkpoint firewall, subset functions of checkpoint firewall specially ip filtering can be performed by iptables. access www.netfilter.org for more information
thnks |
Linux can perform firewalling quite nicely but it would be necessary to know what level of firewalling you implement.
There are open source firewall solutions like IpCop, Endian, Untangle. Look at them. Most of them are free downloads. |
Quote:
Rather than just tossing in a product name let's see what features you seek. If just blocking of certain ports or narrowing traffic to certain ports down to certain IPs, or forwarding certain traffic to "internal" (e.g., a DMZed webhost) machines is all you need, IPtables will do just fine. If you need application layer protection, you can use proxies for certain things. And there's http://l7-filter.sourceforge.net/ ... of course one can also chuck snort into the mix, and psad and fwsnort. The question is: is your company happy to pay for their staff to tailor their solution? Cheers, Tink |
Quote:
Thanks. Is this iptable available to all types of Linux including RedHat? |
Quote:
|
yes, iptables is available for all common linux distro. You can also download source code from netfilter.org and compile it.
thnks |
Many thanks everyone. Time to get my hand dirty.
|
All times are GMT -5. The time now is 02:56 AM. |