Автоподбор страны, региона, города
Введите начальные буквы названия и через секунду-две выберите вариант из появившегося списка
Если такого названия в списке нет - напишите нам

Подробнее об автоподборе
26 июля 2021 г. 13:59, США Смотреть на карте

Firewalls of 2021 to Secure Your Linux Systems

A firewall is made up of a set of rules. When a data packet enters or exits a protected network region, its contents (particularly information about its source, destination, and the protocol it wants to use) are examined using firewall rules to determine if it should be allowed through.


ClearOS is by far the slickest and most attractive firewall distribution in this roundup. It’s clear that a lot of thought and effort went into building the interface.

Because most anti-virus distributions are written for geeks, it’s great to see a refreshing departure from what appears to have been the de facto standard of “cobble it together and worry about the interface afterward.” To attract more sophisticated users, ClearOS will cheerfully and readily operate from the command line.

The installation is easy and efficient, taking about 10 minutes to complete. Depending on how you want to use ClearOS, you have the option to start as a Public Server or a Gateway. After that, reboot, and you’ll have all the information you need to control and access your new firewall.

It won’t take long to become comfortable with all of ClearOS’ various settings and features once you’ve done the setup and obtained the website admin system, as the distribution provides ‘Getting Started’ assistance as soon as you log into the interface. Setting up firewall rules, as well as a lot of other configurations, is simple and quick.

The most important feature of ClearOS is its usability, but this distribution is much more than just a pretty face. It also has a lot of capabilities – not only does it provide a simple, clean interface for controlling a firewall, but it also allows you to add additional services to your system.


Despite being completely different from IPFire, this distro uses a highly useful color-coding technique to denote multiple connections, which is very similar to that of the latter. IPCop was originally a branch of Smoothwall (which we’ll talk about later), but it was later offered by the IPFire team because IPCop upgrades are few. The most recent version (2.1.9) was released in February 2015.

The setup is straightforward, but there are a few unexpected questions thrown in for good measure. Although these can be perplexing to a beginner user, needing the default parameters will not cause any issues unless your network configuration is extremely unique. The setup image is rather tiny (about 60MB) and can be copied on a DVD or flash drive, which is one of IPCop’s main advantages.

The net layout of IPCop appears clumsy, but this is purely psychological, as it is incredibly responsive. Apart from the ‘real-time’ charts that Smoothwall gives, IPCop delivers a wealth of information about your LAN setup, as well as the firewall’s operation, including a list of currently open links.

The Firewall also includes a ‘caching proxy,’ allowing you to cache frequently visited pages from anywhere.

While IPCop isn’t the prettiest distro on the planet, it does a superb job as a firewall, providing a wealth of information about traffic in your system, and while it isn’t the nicest distro on the planet, it performs precisely what it is supposed to do.

IPCop was originally a branch of Smoothwall, but it was later offered by the IPFire team because IPCop upgrades are few. The most recent version (2.1.9) was released in February 2015.


OPNsense is a simple-to-use open-source firewall based on FreeBSD 10.1 for long-term stability. Clearly, the job title is derived from the words ‘open and feel’, which signify ‘Open source is logical.’ In January 2015, the OPNsense project began as a fork of the well-known firewall pfSense.

The group claimed that their motivation for paying an extra for the project was partly due to the type of license pfSense was using at the time and partly because they believed they could create a more stable firewall.

Weekly security updates are provided by OPNsense, allowing it to respond quickly to attacks. Many complex functions, such as forward caching proxy and intrusion detection, are generally only found in commercial firewalls. It also supports the use of OpenVPN.

OPNsense includes a feature-rich GUI designed in Phalcon PHP that is a joy to use. Apart from being more appealing than pfSense’s port, OPNsense was created in part because the group believed that the graphical interface should not have root access, as this could lead to security issues.


A very basic search bar is included in the GUI, as well as a whole new System Health section. When analyzing your own network, this module is interactive and provides visible feedback. You can also export your data as a CSV file for additional analysis. This is a powerful type of Deep Packet Inspection in which OPNsense can inspect individual information packets or links and prevent them from reaching the sender if necessary, rather than just blocking an IP address or interface. OPNsense also offers LibreSSL as an alternative to OpenSSL.


IPFire is a Linux firewall distribution that focuses on user-friendliness and ease of installation without jeopardizing your security and includes features such as intrusion detection.

IPFire is designed specifically for men and women who are new to firewalls and media, and it can be set up in a matter of minutes. The setup procedure allows you to divide your system into different security sectors, each of which is color-coded. A secure green section represents all typical customers who are linked to the local wired network. The red portion represents the internet.

Unless you have configured the anti-virus to allow visitors to travel from crimson to any other section, no visitors can pass from crimson to any other sector. Getting a device with two network cards with only green and red portions is the default installation. However, you can use a blue section for wireless links, and an orange part called the DMZ for practically any public servers during the installation process. After the first setup, you can use an intuitive web interface to configure better and more features and add-ons.


pfSense, like OPNsense, is based on FreeBSD and is designed to serve as a router and firewall. As previously said, the split between these two tasks was acrimonious, but pfSense retains a sizable user base.

This distribution can run on a wide range of hardware, but it currently only supports the x86 architecture. A helpful hardware manual is available on the website to help you choose a compatible device.

.Although the installation is done from the command line, it is very simple. You can boot from a CD or USB drive. Instead of assigning ports once you’ve booted to the internet interface, the installation assistance will ask you to do so during setup. Auto-detect attributes can be used to find out which network card is which. Multi-WAN, Dynamic DNS, hardware failover, and unique authentication methods are just a few of the built-in features of the firewall. pfSense, unlike IPFire, provides the ability to create a captive portal, where all DNS questions can be resolved to a single IP address, similar to a landing page for a public Wi-Fi hotspot.

The distribution has a simple user interface and is very easy to use. Because it is based on BSD, some vocabulary will be confusing at first, but it should not take a long time to learn.PfSense is one of the most feature-rich firewall releases available, although it is not sufficient due to the lack of additional non-firewall-related features. If all you need is a simple firewall, you can’t go wrong with pfSense; but, if you need more than that, you should consider one of the other distros.


The best firewall distro for you is mostly determined by your specific demands, but whatever they are, gaining security from your firewall is a matter of common sense these days, considering the vast amount of threats online. However, in addition to basic protection, after your firewall is configured, it may be beneficial to have a number of extra features for good measure.

Visit: canon.com/ijsetup


 оценок 0

Автор: Статус: offline daniel11ryan
просмотров: 22
Ключевые слова: 
Поделиться в:   icon   icon   icon   icon   icon    

Чтобы добавить комментарий Вы должны зарегистрироваться или войти если уже зарегистрированы.

(Вы можете отправить комментарий нажатием комбинации клавиш Ctrl+Enter)