Trustix™ Enterprise Firewall is a WYSIWYG firewall for iptables. It provides drag and drop security policy deployment and allows you to visualise DMZs, integrate branch offices with 3DES encrypted VPN tunnels, accelerate Internet access times with proxy caching server, and authenticate remote workers with PKI X.509 certificates. The unique GUI also allows you to manage traffic for all your zones (up to 24) as well as port forwarding and network address translation (NAT).
mSuite is a solution for enterprise-wide infrastructure management. This solution uses Monolith Event Manager (Event/Fault), Action Manager (E&N), and Reporter (Historical Reporting). Monolith integrates with a variety of availability and performance tools based upon a client's needs. mSuite can monitor syslogs, SNMP traps, and NT event logs.
SpotSec Network Gateway is an all in one Linux firewall and gateway distribution that features a Web-based management console. It is designed to be a unified threat management system to protect and defend a network. Common features include intrusion detection and prevention and HTTP, SMTP, and POP3 proxies with content filtering and virus scanning. The design of the Web interface is centered around the definition of networks, services, users, and time events, which allows easier modification of packet filter rules.
vpn-shaper is a dynamic traffic shaper for openvpn, poptop, and similar programs, using iproute2. It allows shaping of traffic between many users conected to one server, and it supports different prioritiy schemes for different users and different types of traffic. Trafic shaping uses the HTB qdisc. Prioritization uses l7-filter and ipp2p and some of the patch-o-matic extensions. Classification of trafic in HTB classes is done by using the IPMARC patch-o-matic extension. vpn-shaper requires the IPMARK patch-o-matic extension, connmark iptables match, and HTB qdisc.
Firekeeper is an intrusion detection and prevention system for Firefox. It is able to detect, block and warn the user about malicious sites. Firekeeper uses flexible rules similar to Snort ones to describe browser-based attack attempts. Rules can also be used to effectively filter different kinds of unwanted content.
The ipoque PRX traffic manager effectively detects and controls all major peer-to-peer (P2P) filesharing, instant messaging (IM), and Voice over IP (VoIP) protocols. Bandwidth and volume limits can be assigned to network links, subnets, individual users, and user groups. Detailed usage statistics are provided and can be exported for post-processing. This community edition is a fully functional version with a bandwidth limit of 2 Mbit/s.
Swan is a bandwidth manager and Internet gateway that effectively controls and manages the collective bandwidth of an organization. As an Internet gateway it includes a transparent proxy, caching engine, access control lists, caching DNS server, logging and monitoring tools, an authentication mechanism, bandwidth clubbing, and policy management. It is ideal for ISPs, corporations, schools, colleges, etc. Both GUI and console-based interfaces are available for controlling the software. Installation is through a bootable CD that automatically formats the system.
Dante is a free implementation of the proxy protocols SOCKS version 4 and SOCKS version 5 (RFC 1928). It can be used as a firewall between networks, controlling outgoing traffic. The package consists of two parts: a socks server and a proxy client that supports socks, HTTP proxies, and UPnP. RFC 1961 (GSSAPI) is supported in both the client and the server. Commercial support is available.