SMEs can do not need to spend a lot of money to purchase professional-grade firewall.
In recent years, some professionals found that some claim to be impossible hardware firewall functionality is not magic, but its price is alarmingly high. Due to the number of SMEs do not have sufficient security professionals, plus some manufacturers "huyou" so that many units have spent a lot of wasted money but not see the security situation has improved remarkably. Therefore, the author believes it is necessary to talk about how to use open source software will transform ordinary computer become a good professional-grade router/firewall device. IPCop http://www.ipcop.org/index.php is at its core, this software is essentially a firewall device. It should be said that it is a play hardware firewall feature of Linux distributions, so you can protect the user's network from external or internal threats. It is available through the CDs, Flash disk, HTTP/FTP network installation and setup process simple and intuitive. Figure 1 the software also have multiple language support, and the small Linux distributions almost can be run on a range of platforms, it can be said that this is a proven firewall products. In addition, this software has a large number of plug-ins. My favorite is the Banish and Copfilter this two plugins, both can be used for real time filtering of malware and viruses. For example, you can use the following Banish IPtableschains to create IPtables logs and drop statement: CUSTOMINPUTCUSTOMFORWARDCUSTOMOUTPUT figure 2 and Copfilter is a fantastic open source projects, it will behavior of IPCop extended to the application layer, making it significantly enhances the IPCop's features, such as: POP3/SMTP scanner can scan into and out of e-mail, HTTP scanning use HAVP, it can guarantee the security of Web communication, also available through the agent to filter or clear cookies, ads, and other junk information. The biggest feature for anti-virus scanning, or through ClamAV to scan communications F-Prot find malicious software. However, F-Prot is a commercial product, the user must obtain a license to use it. Anti-spam features mainly through SpamAssassin, Razor and DCC to form efficient anti-spam defense front. In addition, process monitoring is worth mentioning, Monit users can monitor all processes and, if required, you can restart it.
No comments:
Post a Comment