360-FAAR (Firewall Analysis Audit and Repair) is an offline, command-line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virtualization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
DenyThem is a program designed to protect your Linux system from malicious attacks. It is an active response system to disrupt and block dictionary attacks and DoS attacks. DenyThem by default uses /var/log/syslog and /var/log/auth.log and searches for hack attempts. When DenyThem finds enough hack attempts from a single host, it will add a DROP statement to your system's firewall, thus preventing future attacks. DenyThem uses iptables, so it will only work on Linux or any other system that uses iptables. It can also block traffic from specific countries.
Swan is a bandwidth manager and Internet gateway that effectively controls and manages the collective bandwidth of an organization. As an Internet gateway it includes a transparent proxy, caching engine, access control lists, caching DNS server, logging and monitoring tools, an authentication mechanism, bandwidth clubbing, and policy management. It is ideal for ISPs, corporations, schools, colleges, etc. Both GUI and console-based interfaces are available for controlling the software. Installation is through a bootable CD that automatically formats the system.
sipscreen is a Linux iptables QUEUE target handler for screening inbound SIP phone calls flowing through a Linux gateway. If you have a Vonage appliance, or other voice-over-IP adapter located behind a Linux router, you may find sipscreen useful for accepting or rejecting calls based on the caller ID information, time of day, or other custom algorithms.
Firetable is an iptables firewall script for Linux. It has no graphical interface, and all the configuration is done via configuration files. This makes Firetable ideal for servers. The syntax of the configuration file is easy to learn and logical. Multiple interfaces can be maintained independently.
SpotSec Network Gateway is an all-in-one Linux firewall and gateway distribution that features a Web-based management console. It is designed to be a unified threat management system to protect and defend a network. Common features include intrusion detection and prevention and HTTP, SMTP, and POP3 proxies with content filtering and virus scanning. The design of the Web interface is centered around the definition of networks, services, users, and time events, which allows easier modification of packet filter rules.
mSuite is a solution for enterprise-wide infrastructure management. This solution uses Monolith Event Manager (Event/Fault), Action Manager (E&N), and Reporter (Historical Reporting). Monolith integrates with a variety of availability and performance tools based upon a client's needs. mSuite can monitor syslogs, SNMP traps, and NT event logs.