NetCitadel Firewall Builder 220.127.116.114 | 8.8 MB
Firewall Builder is a GUI firewall configuration and management tool that supports iptables (netfilter), ipfilter, pf, ipfw, Cisco PIX (FWSM, ASA) and Cisco routers extended access lists. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations.
Firewall Builder is multi-platform firewall configuration and management tool. It consists of a GUI and set of policy compilers for various firewall platforms. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations. Firewall Builder currently supports iptables, ipfilter, OpenBSD PF as well as Cisco PIX and Cisco IOS extended access lists.
* Being truly vendor-neutral, Firewall Builder can generate configuration file for any supported target firewall platform from the same policy created in its GUI. This provides for both consistent policy management solution for heterogeneous environments and possible migration path.
* Firewall Builder runs on Linux, FreeBSD, Windows (XP and Vista) and Mac OS X. This means administrator can use a laptop or workstation running any OS they are comfortable with to manage Open Source firewalls such as iptables, ipfilter, ipfw, pf or commercial firewalls such as Cisco PIX/ASA and Cisco routers access lists.
* Firewall Builder helps administrator manage many firewalls using the same network object database. Change made to an object is immediately reflected in the policy of all firewalls using this object. Administrator only needs to recompile and install policies on actual firewall machines.
* Object-oriented approach simplifies policy design and management for both dedicated firewalls and on-server firewalls. This aids in implementaion of security in depth
* Built-in interactive installer uses ssh to communicated with the firewall and can automatically copy generated policy and activate it. Installer supports batch mode of operation and can update policy on multiple firewalls in one session.
* In Firewall Builder, administrator works with an abstraction of firewall policy and NAT rules; software effectively "hides" specifics of particular target firewall platform and helps administrator focus on implementation of security policy. Backend software components, or policy compilers, can deduct many parameters of policy rules using information available through network and service objects and therefore generate fairly complex code for the target firewall, relieving administrator from having to remember all its details and limitations.
* Policy compilers also run sanity checks on firewall rules and make sure typical errors are caught before generated policy is deployed.
* Policy compiler for PIX, which recently has been released under GPL, allows Firewall Builder to function as a sophisticated policy management software for Cisco PIX firewall with access to all functions of PIX including newest features added in v7.x.
* Policy compiler for Cisco IOS Access Lists adds support for router access lists and turns Firewall Builder into complete solution for the multi-tiered network security.
homepage - http://www.fwbuilder.org/