The Securepoint Unified Threat Management (UTM) security solutions provide all important security applications (firewall, VPN gateway, virus scanner, spam filter, Web filter, IDS, etc.) within a corresponding server environment, to ensure smooth updates of all systems and to make the everyday usage of these systems successful and secure for companies. They are available as UTM hardware appliances, as virtual appliances, and as a pure software solution which can be installed on standard computer systems and may be adjusted according to individual requirements. Securepoint is Windows 7-ready and supports IKEv1 and IKEv2.
Zentyal (formerly eBox Platform) is a small business server that offers small and medium businesses an affordable and easy-to-use enterprise-level computer network. It can act as a Gateway, Infrastructure Manager, Unified Threat Manager, Office Server, Unified Communication Server, or a combination of these.
CacheGuard Appliance is an all-in-one OS appliance providing firewall, antivirus, caching, compression, bandwidth allocation, load balancing, reverse and forward proxy, high availability, Web application firewall, URL guarding, and more. It can be purchased as an OS to install on your server, as an OS to run in a virtual machine, or as a hardware appliance.
Fing is a command line tool for network and service discovery. It provides you a complete view of any network in a very short time. Its smart discovery automatically detects the network type and uses the best technique to scan it. The best results are achieved on Ethernet networks (including Wireless ones), where Fing is able to detect all network hosts, firewalled ones included. The service discovery feature quickly detects active TCP services on a target host or network. Fing is based on Look@LAN.
SpamBlock counts attempts to establish a connection on port 25/tcp via tcpdump. When a host exceeds the allowed number of attempts per unit of time, it is added to a corresponding ipfw table and email notification is sent. Spamblock currently supports ipfw only, but it can be easily adapted for any firewall and OS. It can also be configured to watch multiple ports to prevent Telnet and SSH attacks in addition to SMTP.
Membrane SOAP Router is a modular SOAP intermediary written in Java. It is fully configurable due to Spring style configuration. You can audit SOAP traffic, route messages through DMZ, and gather performance statistics. The small memory consumption of less than 20 Megabytes makes it possible to run an instance of Membrane SOAP Monitor on any computer that provides or consumes Web services.
'blaze' is a Netfilter iptables firewall script that is meant to be ridiculously easy to use, pretty basic, but powerful enough to handle a box with multiple NICs to support gateway usage, possibly with NAT. Setup should take no more than five minutes. Logging is not currently supported.
Borderline is a firewall generator. It takes a generic rule specification as input and generated an highly optimized firewall. It features IPv6 rule generation, support for multiple interfaces, and integrated support for network zones. It currently only supports firewall generation for Linux 2.6 (netfilter).
ClearOS is an integrated network server gateway solution for small and distributed organizations. The software provides all the necessary server tools to run an organization including email, anti-virus, anti-spam, file sharing, groupware, VPN, firewall, intrusion detection/prevention, content filtering, bandwidth management, multi-WAN, and more. You can think of it as a next generation small business server. Through the intuitive Web-based management console, an administrator can configure the server software along with integrated cloud-based services.
HLBRW is an acronym for Hogwash Light BR Watch. It is a tool to help make rules for HLBR. In other words, HLBRW was made to be used by HLBR users needing make new rules. It requires some expertise with HLBR, the TCP/IP protocol suite, and regular expressions. HLBRW is a script started by iwatch (a system events watch program) when the HLBR event log is modified. The concept is very single: if the HLBR log was modified, then a known attack was blocked. But the attacker might take other subsequent actions unknown by HLBR. When HLBRW starts, it will coordinate a tcpdump session to record the traffic generated by the attacker's IP address for the next few minutes. If the recorded traffic isn't relevant (without a push in TCP or another relevant protocol), the created file will be deleted. Based on the recorded traffic, the network security manager can make new rules. HLBRW is part of the HLBR project, an intrusion prevention system (IPS) used in firewall systems.