Sphirewall is a user-centric analytical network firewall/router. Out-of-the box, it provides user authentication coupled with powerful analytics which provide you with complete control over your network and users. With Sphirewall, you can manage and understand what is happening on your network with features such as qos, bandwidth quotas, user authentication, and much more. Not built on iptables, it is able to do things which other Open Source firewalls can't. Its very flexible, and with its open JSON API, can easily be plugged into any existing environment.
Clement is an email server application. Its main function is to block unwanted mail (spam) as soon as possible in the email exchange process. It accepts or rejects email while the SMTP session, initiated by the email sender, is still pending, accepting legitimate email messages without the need to return an error status to non-existent or "borrowed" return address later. Clement can operate in two modes. Either the mail is taken into account locally and stored in the recipient's own area, or it can transmit the mail to an another SMTP server (Sendmail, Postfix, Exim, Exchange, etc.). Each email domain name Clement knows about can be treated in one of these two modes depending on the group to which the domain name has been set. Each message is verified by a virus scanner (ClamAV) while the SMTP connection is still open, but the refusal of mail and the reason for refusal is notified to the actual sender. Mail management is done via a Web interface and can be delegated to three administrative levels (Root-Admin, Group-Admin, Domain-Admin). Standard users can access their own logs (sent email status, email rejected, quarantined email, etc.). With this interface, the user can handle the rejection and acceptance of mail. Users who are level "Admin" can access the session logs (via the Web interface). Clement uses a SQL database (PostgreSQL, MySQL) to store and manage logs, user profiles, and dynamic management of directives concerning the sender-receiver relationship.
check_nwc_health is a plugin for the Shinken (or Nagios/Icinga) monitoring system. It is used to check hardware health, environment, interfaces, pools, uptime, etc. of a great range of the most popular network components like switches, routers, firewalls, proxies, load balancers, etc. Currently it can monitor: Cisco IOS, Cisco Nexus, F5 BIG-IP, CheckPoint Firewall1, Juniper NetScreen, HP Procurve, Nortel, Brocade 4100/4900, EMC DS 4700, EMC DS 24, Allied Telesyn, and Blue Coat SG600.
ClearOS is an integrated network server gateway solution for small and distributed organizations. The software provides all the necessary server tools to run an organization including email, anti-virus, anti-spam, file sharing, groupware, VPN, firewall, intrusion detection/prevention, content filtering, bandwidth management, multi-WAN, and more. You can think of it as a next generation small business server. Through the intuitive Web-based management console, an administrator can configure the server software along with integrated cloud-based services.
Jkaptive is a simple captive portal without RADIUS (and thus without total security, but at the same time without too much hassle). The reason behind this is because a lot of site administrators don't need tight security; their site is just a café that offers free Internet access on an unsecured WLAN access point connected to the Internet, and they need a ticketing system to make it cumbersome for average people to use this offering without actually buying a single coffee. Jkaptive itself just presents the login page and checks the token. The blocking of unticketed traffic is done through Linux' netfilter. As no proxy server is involved, jkaptive has no performance penalty, nor does it create problems with non-HTTP traffic. Once the token is accepted, jkaptive is out of the way of any network packets completely. For presenting the login page, jkaptive has a built-in Web server, so no additional Web server application is needed.
The Securepoint Unified Threat Management (UTM) security solutions provide all important security applications (firewall, VPN gateway, virus scanner, spam filter, Web filter, IDS, etc.) within a corresponding server environment, to ensure smooth updates of all systems and to make the everyday usage of these systems successful and secure for companies. They are available as UTM hardware appliances, as virtual appliances, and as a pure software solution which can be installed on standard computer systems and may be adjusted according to individual requirements. Securepoint is Windows 7-ready and supports IKEv1 and IKEv2.
StopHack is a simple to use and easy to install intrusion prevention system. It is fully adaptable and easily customized to your environment. It is built on top of proven bandwidth arbitration technology so the traffic passing through it won't be slowed down. Every packet is analyzed with regular expression-based behavior anomaly detection, and hackers are blocked immediately. It prevents reflected cross-site scripting, SQL injection, directory traversal, reflected URL redirects, login brute forcing, remote shell execution, and more.
CacheGuard Appliance is an all-in-one OS appliance providing firewall, antivirus, caching, compression, bandwidth allocation, load balancing, reverse and forward proxy, high availability, Web application firewall, URL guarding, and more. It can be purchased as an OS to install on your server, as an OS to run in a virtual machine, or as a hardware appliance.