Endian Firewall
 | This article may require copy editing for grammar, style, cohesion, tone, or spelling. |
 | |
| OS family | Linux |
|---|---|
| Working state | Current |
| Source model | Open source |
| Kernel type | Linux 2.6 |
| Default user interface | Web user interface |
| License | Various |
| Official website | http://www.endian.com/ |
Endian Firewall is a company specializing in the functions router, firewall and gateway security Linux distribution of the South Tyrolean company Endian. Optionally, the product as free software, commercial software with guaranteed support services or completely installed as hardware (appliance) including support services is available.
Short description
The Endian Firewall is a turnkey Linux Security Distribution, which as an independent, unified security management solution (Unified Threat Management) understands. The Endian Firewall is based on a hardened Linux operating system. The system is installed on a PC using a boot CD. After a few basic settings to install, which makes the partitioning of the hard drive and the files transferred begins. After that the system can also be operated without monitor (headless). A keyboard and monitor are no longer required because the complete configuration of the server via a web interface (see Figure "The web interface of Endian Firewall") by means of another computer takes place, which is selectively connected via the network - alternatively via the serial interface to access the system.
The main task of Endian Firewall is a gateway, router and firewall, and to act as a proxy for web, email, FTP, SIP and DNS. Here, up to four different networks are normally managed, as shown in Figure "scheme of the network topology." For each of these networks a network card in your computer must be installed. They are also configured through the web interface. With Endian this ("Scheme of Network Topology" see also Figure) are differentiated by color coding:
- Red Network: connection to the insecure Internet
- Green Network: Secure intranet, here are the jobs to be protected or Intranet server, e.g. file server, connected.
- Orange Network: Part Safe Demilitarized Zone (DMZ) . to operate their own server that must be accessible over the Internet, such as Web or FTP servers.
- Blue Network: Secure wireless part, here on wireless devices can be connected. Thus, they are separated from the green network, which increases its security.
However, it may contain other, additional networks are managed. The Endian Firewall includes support for load balancing, which means you can add another connection to the Internet the red network; Endian Firewall the network load is then distributed on both interfaces.
License
Behind the Endian Firewall is the Italian Endian srl from Appiano, South Tyrol and a community of volunteer developers and helpers. The license model of Endian provides a commercial version and a free version before:
- The commercial version can be purchased either as a standalone software (the product is called Endian simply Endian UTM Software ) in order to install them on their own PCs, as well as in the form of finished Out of the Box - firewalls, within the meaning of special hardware on which the software is preinstalled. There are currently four hardware variants with different performance and for different network sizes: Mini , Mercury , Macro and Macro X2 .
- The free version (the product is called Endian 'Endian Firewall Community' 'version) as the product' 'Endian UTM Software' 'specialized software for installation on your own hardware. However, it is under the GPL Thus, free software and can be downloaded for free. The community version does not include support. Not all innovations of the commercial version are transferred to the community version, and those new features that are added to the community version are only added later.
Featured
The versions 2.2 and 2.3 include the following key features:
Gateway
- Support for ADSL modems (USB, PCI)
- ISDN support
- Ethernet support
- Load Balancing
- Traffic Shaping
- Multiple public IP addresses
Firewall & Security
- Firewall (both directions)
- Demilitarized Zone
- Intrusion Detection System
- Web-, FTP- and E-Mail-antivirus
- Web- and E-Mail-Antispam
- Content Filter
- Hotspot/Wireless Access Point Security (Enterprise editions only)
- HTTPS- Web interface
- SSH- Access and Forwarding
Starting with version 2.3
- Scheduler for automated backups
Server Services
- Transparent HTTP, FTP, SMTP and POP3-Proxy server
- Caching DNS-Server
- DHCP-server (separately for the green, blue and orange network)
- Network Address Translation
- SIP VoIP-support (since 2.4.1 no longer included)
- Virtual Private Network (VPN) Gateway with OpenVPN or IPsec
- NTP-Server
Starting with version 2.3
- Policy-Based Routing (port, MAC address, protocol or port)
- Generic SNMP support
- VLAN support (IEEE 802.1Q trunking)
User Management
- Local
- RADIUS
- LDAP
- Active Directory
- NTLM Single Sign-On
Version 2.3
- User or group as HTTP proxy content filter rules
Logging & Monitoring
- Visualized Live Log Viewer (AJAX based), see figure "The web interface of Endian Firewall"
- Log the activities and the stress of network and hardware
- Connection statistics
- Forwarding possibility of syslogs to an external server
Version 2.3
- Top with integrated DASH Board
- Event-based notifications by e-mail
Others
- Support Software-RAID
History and compared to the original
Endian Firewall is a fork of the Linux firewall IPCop, which in turn is a is a fork of SmoothWall. Due to numerous further developments one-fifth of the original IPCop Code is currently being loud Endian only used. For example, Endian uses today the RPM Package Manager, which leads to a simplified maintenance with frequent and lengthy build times, as are common in LFS-based distributions like IPcop avoids. Newer versions based initially on Linux From Scratch and from version 2.2 to RHEL [1] or on CentOS.[2] With the upcoming version 3.0, Endian Firewall is virtually "Smoothwall-" and "IPCop free".
The biggest difference to IPCop is that the Endian Firewall is no longer understood merely as a pure router / firewall - combination, but as a comprehensive gateway security solution (Unified Threat Management). For this, a virus scanner and a spam blocker have been firmly integrated into the distribution. This allows the transport of HTTP, FTP, POP 3 and SMTP scanned in real-time and optionally filtered. As a completely new features continue to several WAN connections were integrated (for simple Load sharing, failover) and a WLAN hotspot feature.
In addition, the menus were refined to a lot of points compared to IPCop, which a more detailed configuration of the individual services is possible, but this also increases the complexity.
In summary, one can say that the Endian Firewall compared with IPCop regarding gateway security the comprehensive solution is, as a compromise to this, however, a somewhat more extensive configuration and noticeably higher requirements have to be taken to the hardware equipment in buying (there are for use of the complete functionality 512 MB memory and 1 GHz processor clock recommended or 256 MB and 500 MHz mentioned as a minimal configuration).
With regard to the development and the business model is different endian to its origins SmoothWall and IPCop as follows:
- SmoothWall: developing a commercial version by the SmoothWall Ltd. and a free version by a community of volunteers. Innovations in the commercial version only partially, security updates sometimes delayed deliberately integrated into the free version. This policy was the reason for the removal of part of the Community to IPCop [3]
- IPCop: development exclusively by a community of volunteers, there is only a free version.
- Endian Firewall: Friendly elimination of IPCop with the aim to expand the software functions to create a comprehensive security gateway software. As with SmoothWall there are also here in the commercial version features that are missing from the free community version.
Resonance
- The Endian Firewall is part of c't-Debian-Server Version 4 (published by August 2009) and this was already 2007.[4]
- In July 2005, the Endian firewall was OSDir [5] elected Project of the Week.
- The Linux Magazine 09/2008 has Endian Firewall UTM Appliances 2.2 and tested the system to certify a test result in the upper middle of comparable products.[6]
References
- ^ "Development Release: Endian Firewall 2.2 Beta 2 (DistroWatch.com News)". Distrowatch.com. Retrieved 2015-07-09.
- ^ "Distribution Release: Endian Firewall 2.3 (DistroWatch.com News)". Distrowatch.com. Retrieved 2015-07-09.
- ^ [1] [dead link]
- ^ "c't-Debian-Server | c't". Heise.de. Retrieved 2015-07-09.
- ^ "Project of the Week: Endian Firewall :: OSDir.com :: Open Source, Linux News & Software". OSDir.com. Retrieved 2015-07-09.
- ^ Jörg Fritsch. "Praxistest: Endian Firewall Macro X2 » Linux-Magazin" (in Template:De icon). Linux-magazin.de. Retrieved 2015-07-09.
{{cite web}}: CS1 maint: unrecognized language (link)