Endian Firewall is a company specializing in the functions router, firewall and gateway security Linux distribution of the South Tyrolean company Endian.
Optionally, the product is available as free software, commercial software with guaranteed support services or as a hardware appliance (including support services).
Optionally, the product is available as free software, commercial software with guaranteed support services or as a hardware appliance (including support services).
Short description
The Endian Firewall is a turnkey Linux Security Distribution, which is an independent, unified security management solution. The Endian Firewall is based on a hardened Linux operating system. The system is installed on a PC using a boot CD and operated without monitor (headless). The server can be configured via a web interface (see Figure "The web interface of Endian Firewall") ir via the serial interface.
The main task of Endian Firewall is a gateway, router and firewall, and can act as a proxy for web, email, FTP, SIP and DNS. Up to four different networks (dependent on the number of network cards installed in the host PC) are normally managed, as shown in Figure "scheme of the network topology." Networks are configured through the web interface. With Endian this ("Scheme of Network Topology" see also Figure) are differentiated by color coding:
- Red Network: connection to the insecure Internet
- Green Network: Secure intranet e.g. file server.
- Orange Network: Part Safe Demilitarized Zone (DMZ) . This includes devices that operate their own server and must be accessible over the Internet, such as Web or FTP servers.
- Blue Network: Secure wireless part, here on wireless devices can be connected. Thus, they are separated from the green network, which increases its security.
The Endian Firewall includes support for load balancing, which means you can add another connection to the Internet from the red network; Endian Firewall then distributes the network load on both interfaces.
License
Behind the Endian Firewall is the Italian Endian srl from Appiano, South Tyrol and a community of volunteer developers and helpers. The license model of Endian provides a commercial version and a free version before:
- The commercial version can be purchased either as a standalone software (the product is called Endian or simply Endian UTM Software) in order to install them on their own PCs, as well as in the form of finished Out of the Box - firewalls, with special hardware on which the software is preinstalled. There are currently four hardware variants with different performance and for different network sizes: Mini , Mercury , Macro and Macro X2 .
- The free version (the product is called Endian 'Endian Firewall Community' 'version) as the product' 'Endian UTM Software' 'specialized software for installation on your own hardware. However, it is under the GPL and is therefore free software that can be downloaded free. The community version does not include support. Not all features of the commercial version are transferred to the community version, and those new features that are added to the community version are only added later.
Featured
The versions 2.2 and 2.3 include the following key features:
Gateway
- Support for ADSL modems (USB, PCI)
- ISDN support
- Ethernet support
- Load Balancing
- Traffic Shaping
- Multiple public IP addresses
Firewall & Security
- Firewall (both directions)
- Demilitarized Zone
- Intrusion Detection System
- Web-, FTP- and E-Mail-antivirus
- Web- and E-Mail-Antispam
- Content Filter
- Hotspot/Wireless Access Point Security (Enterprise editions only)
- HTTPS- Web interface
- SSH- Access and Forwarding
Starting with version 2.3
- Scheduler for automated backups
Server Services
- Transparent HTTP, FTP, SMTP and POP3-Proxy server
- Caching DNS-Server
- DHCP-server (separately for the green, blue and orange network)
- Network Address Translation
- SIP VoIP-support (since 2.4.1 no longer included)
- Virtual Private Network (VPN) Gateway with OpenVPN or IPsec
- NTP-Server
Starting with version 2.3
- Policy-Based Routing (port, MAC address, protocol or port)
- Generic SNMP support
- VLAN support (IEEE 802.1Q trunking)
User Management
- Local
- RADIUS
- LDAP
- Active Directory
- NTLM Single Sign-On
Version 2.3
- User or group as HTTP proxy content filter rules
Logging & Monitoring
- Visualized Live Log Viewer (AJAX based), see figure "The web interface of Endian Firewall"
- Log the activities and the stress of network and hardware
- Connection statistics
- Forwarding possibility of syslogs to an external server
Version 2.3
- Top with integrated DASH Board
- Event-based notifications by e-mail
Others
- Support Software-RAID
History and compared to the original
Endian Firewall is a fork of the Linux firewall IPCop, which in turn is a fork of SmoothWall. Due to numerous further developments only one-fifth of the original IPCop Code is used. Newer versions based initially on Linux From Scratch and from version 2.2 to RHEL or on CentOS. With the upcoming version 3.0, Endian Firewall is virtually "Smoothwall-" and "IPCop free".
The biggest difference from IPCop is that the Endian Firewall is no longer merely a pure router / firewall - combination, but a comprehensive gateway security solution (Unified Threat Management). For this, a virus scanner and a spam blocker have been firmly integrated into the distribution. This allows the transport of HTTP, FTP, POP 3 and SMTPscanned in real-time and optionally filtered.
In addition, the menus were refined from the IPCop approach, reducing complexity, but also reducing configurability of the individual services.
With regard to the business model, Endian is different to its origins in SmoothWall and IPCop as follows:
- SmoothWall: a commercial version is developed by SmoothWall Ltd and a free version by a community of volunteers. Innovations in the commercial version are only partially transferred, and security updates are sometimes deliberately delayed in the free version. This policy was the reason for the forking of Smoothwall and community development of IPCop
- IPCop: development exclusively by a community of volunteers with only a free version.
- Endian Firewall: Friendly refinement of IPCop with the aim to expand the software functions to create a comprehensive security gateway software. As with SmoothWall, Endian Firewall also includes features in the commercial version features that are missing from the free community version.
Resonance
- The Endian Firewall is part of c't-Debian-Server Version 4 (published by August 2009) and this was already 2007.
- In July 2005, the Endian firewall was OSDir elected Project of the Week.
- The Linux Magazine 09/2008 has Endian Firewall UTM Appliances 2.2 and tested the system to certify a test result in the upper middle of comparable products.
No comments:
Post a Comment