PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
October 2003

Commercial firewalls vs. Open source firewalls

Enterprise-class firewalls, such as those made by Check Point Software Technologies, Cisco Systems and NetScreen Technologies, have long been marketplace commodities. Out of the box, they provide reliable, relatively easy-to-use security solutions. And the vendors also provide 24/7 support and ongoing maintenance. The problem with commercial firewalls is that they are expensive. Open-source firewalls, such as iptables, a freeware Linux tool developed by Netfilter, aren't nearly as easy to use, but they're quickly catching up in features and functionality. And price? Well, that's hard to beat. iptables boasts many features normally only found in commercial firewalls, including packet defragmentation, rate limiting, packet content inspection and protocol state tracking. Some security managers may ask, "Is iptables capable of replacing commercial firewalls?" To find out, we compared iptables to Check Point's FireWall-1 running on Nokia IPSO in six areas: packet filtering; policy management; integration of VPNs, NAT and routing ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue