Top Ad unit 728 × 90

Lastes News


A fresh look at free, open source UTM Software

With open source solutions taking on bigger and bigger roles in next generation networks, it’s time to take a more use-case related look at some of the most advanced open source software  for Unified threat Management. Ill be comparing them in terms of performance, usability, flexibility, costs, functionality to see where these solutions excel.

The most popular open source UTM by far is named PFSense. Licensed under GPL2, PFSense is completely free and if a user or company so desired are allowed to fork their own version of the software, like with OPNSense. Built upon the rock-solid stability of FreeBSD, this has the added benefit of a large pool of developers and software available for the operating system. Users and SMB routinely deploy PFSense as a perimeter firewall, DNS server, router, access point, DHCP server and VPN gateway. Since it’s source code is openly available and can be easily compiled for wide range of architectures, there is a much wider pool of hardware to choose from. But official support is only available on x86 network appliances.
Major advantages:
-Price: It’s completely free! no home/lite/crippled version of this software is supplied, instead PFSense makes it’s money from selling x86 hardware appliances and support services.
-Functionality: Owing a lot of it’s success to the wide feature set that rivals even commercial enterprise systems, it is by far the most complete open source UTM in this aspect
-Support: due to the large amount of active deployments and contributing users, there is no shortage of support; be it from PFSense themselves, community forums, online tutorials or bug trackers.
-Performance: good showings in this respect(at least in comparison to less efficient systems like untangle). Some real-world implementations on mid-range x86 rackmount network appliances have been pushing 1Gbps+.
-User Interface: Many new users struggle to grasp the confusing layout. It’s more of a learning curve because once you get used to where certain things are it’s almost as easy to use.

Unlike PFSense, Untangle uses the far-more-popular Linux as it’s operating system base; specifically a distribution called Debian. It’s actually quite the interesting trend for security-centric software, as Debian has found itself at the base of many cyber security systems. Untangle provides network functions like: anti-spam, antivirus, antispyware, firewall, IPS/IDP, VPN and many more through downloadable modules. The free applications and NG firewall from untangle are licensed under GPL2, the complete offering is commercial and comes at a price. Despite this, the free version has proved to be powerful enough for many applications, power-users and small businesses. Untangle is much more limited in its hardware architecture compatibility, currently only deploy-able on x86-based hardware.
-User Interface: A much easier experience for new users as the UI is much more intuitive. Out-of-the-box configuration is much simpler as well and takes decidedly less work to deploy in comparison to PFSense.
-Performance: untangle performs noticeably slower on the same hardware compared to PFSense.
-Cost: While the free version is perfectly adequate for many home and SMB use cases, advanced features that are freely available on PFSense will cost you extra on untangle.
-Hardware support: Only available on X86 networking hardware.

The community firewall from endian is a completely free(home-use only), open source UTM Linux distribution. Capabilities of this turn-key system include: Email & Web Security, Network monitoring and reporting, secure remote access, firewall, router event manager and much more. Systems requirements on their page show no support outside of x86 network appliances.
-User Interface: while not as great as untangle, it’s still better in most respects when compared to PFSense.
-Support: One of the longer-running distros, there are plenty of online resources to help you get started with this UTM.
-Updating: The free version lags behind the commercial offering
-Hardware support: Only available on x86 network appliance hardware, and limited to 32bit version at that.
-Functionality: While there are many included functions, the extensibility is severely limited in comparison to the 2 distros above.
-Cost: While the firewall and UTM offerings from the community firewall are very powerful, they are limited to home-use only, unlike endian which allows its use in SMB’s. So if you wanted to use Endian in any setting outside of you’re house – you’d have to fork out some cash.

Remember, always use the right tool for the job:
If you value functionality, speed, support and aren’t to concerned about issues like ease-of use and deployment time then PFSense is the clear winner.
If you need something powerful and extensible but more intuitive , easy to use, and aren’t to concerned about performance or additional costs: untangle is the way to go.
If you have need a simple home-use UTM, want something really easy to deploy out of the box, and aren’t concerned about updating frequently or adding new features endian is a really good option to take a look at.
A fresh look at free, open source UTM Software Reviewed by James Piedra on 10:04 AM Rating: 5

No comments:

All Rights Reserved by Lanner - Next-Generation Networks and Cyber Security © 2014 - 2015

Contact Form


Email *

Message *

Theme images by sebastian-julian. Powered by Blogger.