360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
Proto Balance is a load balancing and traffic management system that can handle up to 10,000 concurrent connections and 20,000 downloads per second. Proto Balance is a load balancer and TCP traffic port forwarder for high availability. It features an easy-to-use Web interface that requires minimal knowledge of networking and no command-line experience. Its target audience includes enterprise cluster providers, Internet service providers, and network administrators.
NetGuard is intended to be a complete, embedded firewall solution. It is based on the Debian GNU/Linux operating system, and uses iptables to effectively manage your home or corporate LAN. It's designed to run on a wrap router board, which is hardware that can be run with no fan, no noise, and less power current. NetGuard can be also run on an old PC using the generic PC version.
OpenFWTK is an application proxy toolkit which inherits the ideology of TIS fwtk and maintains API backwards compatibility. The design goal is to make it simple yet powerful; no performance hacks are allowed in the code and library dependencies are reduced to a minimum. It is a true application layer filter. It features unified pluggable content inspection for the most frequently used protocols, NAC (Network Admission Control), and the ability to define fine-grained Internet access policy based on browser identification.
sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port. This makes it possible to connect to any of these servers on port 443 (e.g. from inside corporate firewalls, which almost never block port 443) while still serving HTTPS on that port. sslh supports IPv6, privilege dropping, transparent proxying, and much more.
Vanguard provides enterprise class anti-virus and anti-spam protection to multiple internal mail servers, including the Gordano Messaging Suite, Microsoft Exchange, and IBM Lotus Notes/Domino. Dual anti virus scanning engines provide both traditional signature based virus protection and advanced Zero Hour protection. Any number of internal servers can be protected from a single Vanguard server. Each of those servers may be servicing the same Internet domain, separate Internet domains, or even multiple Internet domains on a single server. There is no limit to the number of protected domains or message throughput.
Tableutil is a utility for converting, aggregating, and performing operations (currently unions, differences, complements, and intersections) on lists of IP addresses. Its primary use is to convert files into a format pfctl(8) can read. It can read plain-text files with ranges (126.96.36.199-188.8.131.52), CIDR-style networks (192.168.0.0/24), single addresses (242.242.242.242), or host names (one.two.com). It can also read p2b files, the preferred file-format of PeerGuardian.
ITVal is a decision-diagram based query engine for testing and verifying iptables firewalls. Because firewalls can be very complicated, it is often difficult to know whether your firewall is correctly configured to protect against various attacks. ITVal allows the system administrator to quickly and easily verify that the firewall setup satisfies a set of security properties expressed as queries. Queries are specified in a simple English-like language that is very easy to use. Advanced firewall techniques, such as NAT and stateful filtering, are supported.