CogniSec Enterprise Firewall

CogniSec Enterprise Firewall is a project designed to create an entirely open source, feature-rich, enterprise firewall and VPN gateway. Using stateful packet filtering mechanisms and adaptive packet scrubbing preprocessors, CogniSecEFW offers advanced firewalling capabilities not found even in the most expensive commercial offerings. Virtual Private Networks use IPSec with IKE to allow for easy integration into existing enterprise infrastructures, and can provide encrypted gateway-to-gateway and client-to-gateway tunnels.

Built on a minimal, hardened, open source foundation, CogniSecEFW offers host based attack mitigation mechanisms to prevent local compromise and host-based intrusion detection systems to detect attempts at firewall circumvention.


Currently CogniSec-FW is subdivided into two projects, Corporate and Enterprise.


Partial Feature List and Functional Status:


CogniSec Corporate Firewall

---------------------------

- hardened single-purpose os (beta)

- is a stateful firewall (final)

- allows for a single dmz (final)

- does hide and static nat (final)

- provides ipsec and pptp vpn's (final)


CogniSec Enterprise Firewall

----------------------------

- hardened single-purpose os (beta)

- is a stateful firewall, can do mac filtering (final)

- can use Checkpoint objects and rules (alpha)

- allows for multiple dmz's up to 20 (final)

- does hide and static nat plus proxy arp (final)

- does traffic control and shaping (beta)

- protection against common dos attacks (final)

- built in host-based ids to prevent fw compromise (beta)

- provides ipsec and pptp vpns with x.509 support (final)

- supports gre and ipip tunnels natively (final)

- provides active status monitoring (beta)

- produces traffic graphs and statistics (alpha)

- can log via encrypted session to remote mgmt console (final)

- high-availability option (beta)

- load-balancing option (alpha)

- global load-balancing option for geographic redundancy (alpha)

- user and client authentication planned (pre-alpha)


Firewall Policy Preview

This page hosted by:

SourceForge Logo