Security Tools News & Tips » Firewall

NSMXpress

Niranjan — Fri, 18 Sep 2009 18:32:42 +0000

Juniper Networks® NSMXpress is an appliance version of Juniper Networks Network and Security Manager (NSM). It simplifies the complexity of security device administration by providing a single integrated management interface that controls every device parameter. This robust hardware management system installs in minutes with full High Availability (HA) support, which also makes it easy to scale and deploy. Enterprise customers with limited resources can benefit significantly from NSMXpress. That is because it eliminates the need to have dedicated resources for maintaining a security management solution. NSMXpress makes it easy for administrators to control all aspects of Juniper Networks firewall/VPN, SA Series SSL VPN Appliances, IC Series Unified Access Control Appliances, J Series Services Routers, EX Series Ethernet Switches, and IDP Series Intrusion Detection and Prevention Appliances which include device configuration, network settings and security policy.

NSMXpress Homepage

FortiClient standard edition

Niranjan — Wed, 16 Sep 2009 19:14:02 +0000

FortiClient™ standard edition offers one of the most comprehensive security suites for your PC available – including a full range of Fortinet threat protections for PCs and laptops, even when used on insecure public networks. This free download provides SSL and IPSec VPN, a personal firewall, antivirus/antispyware scanning, Intrusion Prevention and web filtering. FortiGate™ users complete their network security framework with Endpoint Control, Application Detection and WAN Optimization. Automatic updates from the FortiGuard™ subscription service ensure protection against the latest threats.

FortiClient standard edition Homepage

Check Point Power-1 Appliances

Niranjan — Tue, 08 Sep 2009 20:24:26 +0000

Check Point Power-1 appliances enable organizations to maximize security in high-performance environments such as large campuses or data centers. They combine Check Point firewall, IPsec VPN, and intrusion prevention Software Blades with advanced acceleration and networking technologies that deliver a high-performance security platform for multi-Gbps environments.

Key Benefits

- Ensures availability of business-critical applications with up to 25 Gbps of firewall throughput and total system performance (Firewall + IPS) of up to 15 Gbps

- Field upgradeable for maximum performance flexibility (Power-1 11000 Series)

-Provides a comprehensive set of security Software Blades that is extensible on demand to include Web security, antivirus, anti-spyware, and anti-spam

- Simplifies administration with a single management console for all sites

- Protects against emerging threats with Software Blade update services

Check Point Power-1 Appliances Homepage

Cisco ASA 5500 Series Firewall

Niranjan — Fri, 04 Sep 2009 20:56:26 +0000

The Cisco ASA 5500 Series Adaptive Security Appliance is a modular platform that provides the next generation of security and VPN services for small and medium-sized business and enterprise applications. The comprehensive portfolio of services within the Cisco ASA 5500 Series enables customization for location-specific needs through its four tailored package product editions: the Firewall, VPN, IPS, and Content Security Editions.

These packages enable superior protection by providing the right services for the right location. At the same time, they enable standardization on the Cisco ASA 5500 Series platform to reduce costs in management, training, and sparing. Finally, each Edition simplifies design and deployment by providing pre-packaged location-specific security solutions.

Cisco ASA 5500 Series Firewall Homepage

NS2HTML

Niranjan — Mon, 24 Aug 2009 17:00:03 +0000

NS2HTML is a tool created to convert the config file extracted from Netscreen devices into friendly HTML rulebases. It is a free tool developed from the need of gathering data from policies used at ancient firewalls under administration. It is developed under GPL license. It’s totally free, under the license terms.

NS2HTML Homepage

Turtle Firewall

Niranjan — Tue, 07 Aug 2007 03:22:04 +0000

Turtle Firewall is a software which allows you to realize a Linux firewall in a simply and fast way. It’s based on Kernel 2.4.x/2.6.x and Iptables. Its way of working is easy to understand: you can define the different firewall elements (zones, hosts, networks) and then set the services you want to enable among the different elements or groups of elements. You can do this simply editing a XML file or using the comfortable web interface Webmin. Turtle Firewall is an Open Source project written using the perl language and realeased under GPL version 2.0 by Andrea Frigido (Frisoft).

Turtle Firewall Homepage

FTester

Niranjan — Fri, 20 Jul 2007 08:07:43 +0000

The Firewall Tester (FTester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities. The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for such marked packets. The scripts both write a log file which is in the same form for both scripts. A diff of the two produced files (ftest.log and ftestd.log) shows the packets that were unable to reach the sniffer due to filtering rules if these two scripts are ran on hosts placed on two different sides of a firewall. Stateful inspection firewalls are handled with the ‘connection spoofing’ option. A script called freport is also available for automatically parse the log files.

FTester Homepage

Norton Smartphone Security Premier Edition

Niranjan — Fri, 13 Jul 2007 03:27:03 +0000

Norton Smartphone Security Premier Edition (Beta) keeps your Windows Mobile 5.0 PocketPC, and Windows Mobile 5.0 Smartphone based smartphones safe. It offers: Antivirus protection: Symantec’s award-winning antivirus technology has been applied to smartphones to protect against mobile malware. AntiSpam for SMS: SMS spam messages are automatically placed in spam folder or deleted. Firewall: Controls inbound and outbound network traffic on the smartphone. Personal Data Protection: Automatically encrypt My Documents on logout. Device Password Protection: Require a password before accessing the smartphone and self-service password reset is done via a challenge question.

Norton Smartphone Security Premier Edition (Beta) Homepage

BlockSSHD

Niranjan — Mon, 09 Jul 2007 07:47:22 +0000

BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that dynamically adds IPTables rules for Linux and pf firewall rules for BSD that block SSH brute force attacks. It can also detect ProFTPd login failures. BlockSSHD checks a log file you specify, for example /var/log/secure on a Red Hat, for SSH login failure messages. If it detects a failure message it records the source IP address and starts a counter. If messages continue to be detected from the same source IP address the counter is incremented for each message. When the counter reaches a user-specified threshold then the script will add a firewall rule blocking SSH connections from that source IP address. A user-specified time-out is also defined to trigger a reset of the counter. If the counter is incremented but has not yet reached the blocking threshold and a new login failure message arrives then BlockSSHD checks the time-out. If the last increment of the counter occurred earlier than the current time minus the time-out period then the counter is reset rather than incremented. The time-out defaults to 600 seconds (10 minutes).

BlockSSHD Homepage

Fail2ban

Niranjan — Mon, 02 Jul 2007 01:41:34 +0000

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2ban can read multiple log files such as sshd or Apache web server ones. Fail2ban is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation.

Fail2ban Homepage