360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
AsItHappens is a real-time network statistics collector and grapher. It collects data from devices over a network via ICMP and SNMP and displays them on a graph, optionally storing collected data in a database for later retrieval. Collection types include network response, bandwidth usage, processor usage, memory usage, Cisco NBAR, and Cisco NetFlow. AsItHappens polls data in regular intervals, which can be in the order of milliseconds, to give immediate feedback on network performance, and it can also graph flow information from packet capture files. AsItHappens includes the Self Defending Network, a horizontal shoot-em-up based on collected graph data.
Astaro Security Gateway (formerly Astaro Security Linux) is an all-in-one network security gateway that includes a firewall, intrusion protection, antivirus, spam protection, URL filtering, and a VPN gateway. Features include a modern packet filter, intrusion detection and prevention, portscan detection, application control, content filtering, virus detection for email and Web traffic, profile handling, L2TP, IPSec, SSL, and PPTP VPN tunneling, spam blocking, proxies for HTTPS, HTTP, FTP, POP3, SMTP, DNS, VoIP, SOCKS, and Ident, logging, and reporting. It supports Ethernet, VLAN, PPP, PPPoE, PPPoA, Cable Modem, IPv6, QoS, Link Aggregation, and WAN-Uplink-Load balancing in routing, and bridge mode. The WebAdmin GUI, Install Wizard, Change Tracking, Printable Configuration, and Up2Date service make it easy to install, manage, and maintain.
BGPHist is a tool that receives MP-BGP updates, decodes them, and writes them to a database for logging and monitoring purposes. It supports not only Internet routes, but also IPv4 VPN, IPV6 VPN, and L2VPN. It sounds text output, MySQL databases, and Oracle databases. For the MySQL backend, there is also a simple PHP frontend. It could be used to monitor and log an ISP's customer activity for Internet and VPNs, as a passive BGP looking glass, or as a backend for some external monitoring and accounting system.