Linux has received a lot of publicity over the past few years, and while publicity in general is not a bad thing, much of the attention focused on the upstart operating system (OS) has revolved around the fact that the OS is free.
Running Linux on a plug-and-play firewall makes a lot of sense.
Alastair Otter, Journalist, ITWeb
Technically, Linux, as with other open source software, is indeed free, but one concern for advocates is that with so much attention being focused on the cost factor, very few observers look far enough into the product to see that it is a lot more than just a cheap way of doing business.
Having said that, however, Linux is making significant inroads in network appliances based on its low cost, stability and capabilities. Network appliances are essentially low-profile boxes running some form of hardened operating system, and sitting between a business network and the rest of the Internet. Over the last few weeks I have seen a number of these devices and almost without fail they are running some form of Linux. At least one is manufactured locally by a company called SecureWorx.
Running Linux on a plug-and-play firewall makes a lot of sense. Not only is Linux more than up to the task as well as being free, it also offers infinite configuration options. With a host of tools at its disposal, Linux makes for an excellent firewall, and evidence in the market suggests that most businesses are catching onto this. Obviously no network device can protect against everything threatening corporate networks, but plugging in a network device is an obvious first step.
Running Linux as a gateway to a network is not a particularly new idea, and the open source community has built up a fairly extensive array of tools for running the OS on low-powered computers as everything from a mail server to a router to a firewall. Setting up a Linux gateway is a simple enough task and one that doesn`t have that big an overhead.
Linux gateway
In fact, anyone who has access to an extra PC, even an early generation one, can set up a simple home or office network that uses the Linux box as the gateway to the Internet. I know because I`ve done exactly this at home and now run a number of different machines on a home network that connect to the Internet through a dial-up connection on the Linux box.
With tools such as IPMasquerading, it is a relatively simple task to hide the entire network behind one machine. Essentially, the internal network can be running any range of IP addresses but to the outside world the network appears as if it is just one machine.
Once the traffic is being routed through one machine before moving onto the internal network, tools such as IPChains can regulate and control the traffic between the internal and external networks.
Clearly many of the security vendors are catching onto this and are starting to produce exactly these kinds of devices. And in this case, Linux`s flexibility and low cost is making it an obvious choice for this role.
Share