Given the ever-present threat of malware and intrusion attacks, the safety of systems depends on having reliable firewalls to protect them. This article offers an instant guide to Firewall Builder, which is regarded as a significant firewall configuration and management tool.
For network security, systems and network administrators have umpteen choices with regard to firewall and network intrusion detection systems – both open source and commercial options. They can make use of utilities like iptables/Netfilter on Linux, ipfilter/ipfw on OpenBSD, and even Cisco PIX and other commercial options via Sophos. All these firewalls provide strong security solutions to filter all sorts of threats and exploits coming from the outside world. Managing security policies, however, becomes quite challenging because the configuration options are complex and have many sub-features, which puts a lot of stress on systems administrators.
With experience, network administrators become experts in what they've chosen, but to achieve 100 per cent security, they need to understand the internal path of a packet inside Linux and its interaction with different parts of packet filtering systems. Things become even more complicated and challenging when administrators switch the security systems from one software or hardware platform to another, and this could even lead to misconfiguration, errors or security mishaps. So, to overcome this problem, systems administrators need to build self-customised firewalls that make security options easy to configure and are flexible enough to change over time, depending on the security requirements.
An introduction to Firewall Builder
Firewall Builder, also known as fwbuilder, is a universal GUI-based firewall configuration and management tool that supports iptables (Netfilter), ipfilter, pf, ipfw, Cisco PIX and Cisco routers' extended access lists, allowing network and sysadmins managing bigger networks or hobbyists managing home-based networks to simplify management tasks. Firewall Builder runs on many popular operating systems including Red Hat, Mandrake, SUSE, FreeBSD, MacOS X and even Windows.
Firewall Builder provides a high level of abstraction and hides the internal structure of the target firewall platform. For example, it can decide which iptables chain is right for each generated iptables rule, automatically, without your input. It can pick the right iptables target for both policy and NAT (Network Address Translation) rules as well as properly use most popular iptables modules, all automatically. Firewall Builder generates correct PIX translation rules, choosing between ‘nat’, ‘global’ and ‘static’ commands as appropriate, using the same definition of the NAT rules as it uses for iptables and PF. It enforces best practices in policy design and assists sysadmins in deploying and activating the generated policy on the firewall.
Policy and NAT rules built in Firewall Builder will look very familiar to anyone who has ever worked with Firewall-1, PIX, iptables, PF and so on. This is because these rules are just generalisations of the ideas and features found in all of those firewalls. The program helps you create and manage rule sets and then translates them into the configuration language of the chosen target firewall platform.
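The abstraction described above, as an added illustration that is not Firewall Builder's own code or algorithm: one platform-neutral rule is compiled to iptables, with the chain chosen from where the rule's endpoints sit relative to the firewall, and to pf. The `Rule` type, the function names and the addresses are constructed for this example.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample: addresses owned by the firewall itself (documentation ranges).
FIREWALL_ADDRS = {ipaddress.ip_address("192.0.2.1"), ipaddress.ip_address("10.0.0.1")}

@dataclass(frozen=True)
class Rule:  # hypothetical platform-neutral rule, not fwbuilder's object model
    src: str      # CIDR, single address, or "any"
    dst: str
    proto: str    # "tcp" or "udp"
    dport: int
    action: str   # "accept" or "deny"

def _net(spec):
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec)

def _is_firewall(net):  # a single host that is one of the firewall's own addresses
    return net.num_addresses == 1 and net.network_address in FIREWALL_ADDRS

def _covers_firewall(net):  # a wider object (e.g. "any") that includes the firewall
    return any(addr in net for addr in FIREWALL_ADDRS)

def chains_for(rule):
    """Choose iptables chains: to the firewall, from it, or through it."""
    src, dst = _net(rule.src), _net(rule.dst)
    if _is_firewall(dst):
        return ["INPUT"]
    if _is_firewall(src):
        return ["OUTPUT"]
    chains = []
    if _covers_firewall(dst):   # traffic may terminate on the firewall
        chains.append("INPUT")
    if _covers_firewall(src):   # traffic may originate from the firewall
        chains.append("OUTPUT")
    return chains + ["FORWARD"]

def to_iptables(rule):
    target = {"accept": "ACCEPT", "deny": "DROP"}[rule.action]
    return [f"iptables -A {chain} -p {rule.proto} -s {_net(rule.src)} "
            f"-d {_net(rule.dst)} --dport {rule.dport} -j {target}"
            for chain in chains_for(rule)]

def to_pf(rule):
    verb = {"accept": "pass", "deny": "block"}[rule.action]
    return f"{verb} quick proto {rule.proto} from {rule.src} to {rule.dst} port {rule.dport}"

if __name__ == "__main__":
    for r in (Rule("10.0.0.128/25", "192.0.2.1", "tcp", 22, "accept"),
              Rule("any", "any", "udp", 53, "deny")):
        print("\n".join(to_iptables(r) + [to_pf(r)]))
```

A rule whose source or destination is "any" lands in more than one chain, which is the case most often missed when iptables rules are written by hand.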