Tuesday, May 31, 2011

Managing rules - New article on Linux.com

Jack Wallen's latest article on Linux.com is about how to manage rules on Firewall Builder. He covers both the basics and some advanced features like rule groups and rule colors that help users organize their rules.

Wednesday, May 25, 2011

New HowtoForge article

Check out our latest article on HowtoForge that walks through the steps of importing an iptables configuration using the newly enhanced import feature in V4.2.
Importing iptables configuration into Firewall Builder

Tuesday, May 24, 2011

New Video Quick Tip - Object & Service Groups

Check out the latest Firewall Builder Video Quick Tip. This one covers how to use object and service groups to simplify your firewall rules.

Monday, May 23, 2011

Latest Linux.com article

In this week's Linux.com article Jack Wallen gets into the details about Firewall Builder object types and how to create advanced options like group objects and address tables.

Monday, May 16, 2011

Linux.com article

Another great article by Jack Wallen on Linux.com about using Firewall Builder to configure Linux iptables firewalls.

Why didn't Sony use firewalls?

There has been a lot of press lately about the Sony Play Station Network breach. One of the facts that came out is that apparently Sony was not using network firewalls to protect the servers that PSN runs on. This got me thinking about why a large company might not have network and/or server firewalls in place. Of course there is the capital cost of purchasing firewall hardware, but I think a far bigger factor is the ongoing operations cost of managing the firewall(s).

This operations cost is one reason that we hear from customers about why they don't implement firewalls for some functions. Keeping firewall configurations up-to-date can be challenging, especially if you are managing host-based firewalls for large server farms where the number of servers is large and the pain of updating the rules is high.

Our mission at NetCitadel is to simplify firewall management so that companies don't have to choose whether or not to implement a firewall. Since Firewall Builder supports multiple firewall platforms including Linux iptables firewalls, companies can install a very capable firewall using standard PC hardware, often with hardware that costs less than $1,000.

Why do you think a large company might not install firewalls to protect critical resources?

Friday, May 13, 2011

Network World Blog Post

There was a post about NetCitadel and Firewall Builder on the Network World open source blog today. You can check it out here:

Network World - Open Source Subnet

Tuesday, May 10, 2011

Firewall Builder v4.2.1 released

We are happy to announce new version of Firewall Builder. V4.2.1 is a minor bug-fix release:

  • fixes a bug discovered in the built-in policy installer batch mode. This should help users who run fwbuilder to manage their firewalls on IPv6 only networks
  • fixes a bug in the SNMP network discovery wizard
  • fixes few other minor bugs in the GUI
  • fixes policy compiler for PF that did not generate PF rules with "queue" keyword correctly in 4.2.0

Full release notes are available on the web site

Avoiding locking yourself out of your firewall

Most people who manage firewalls have locked themselves out of the firewall after pushing new rules at least once. I'll be the first to admit that it has happened to me on more than one occasion.

Firewall Builder includes a neat feature where you can define an IP address or IP network that should always have SSH access to the firewall. This gets installed as a rule above the rest of the regular user defined rules to ensure that you don't lose access after pushing changes to the firewall.

This short video shows you how to configure which address or network should always have access to the firewall.

Always Allow SSH to Firewall - Video Quick Tip

Wednesday, May 4, 2011

See what commands Firewall Builder is going to generate

Have you ever wanted to check in real-time what commands will be generated by Firewall Builder when you compile a rule?
This short video shows how easy it is to use the rule compile feature to display the specific commands that Firewall Builder will generate.
Have other features you'd like to see demonstrated in a short video? Just leave us a comment about the feature you'd like to see.