Free network security policy software for linux

• A Firewall with stateful packet inspection and application proxies guards Internet communications traffic in and out of the organization.
• A Virtual Private Network (VPN) gateway assures secure communications with remote offices, road warriors, and telecommuters.
• Anti-Virus defends computers from both email and web-bourne viruses.
• Intrusion Protection detects and stops hostile probes and application-based attacks.
• Spam Filtering eliminates the productivity drain of opening and deleting unsolicited emails.
• Surf Protection (Content Filtering) and Spyware Protection improve productivity by blocking inappropriate web activities, provide full protection from user tracking threats and violation of privacy.

Major Features:

1. Protects all types of networks Windows, Linux, Unix and others.
2. Delivers comprehensive features at low cost maximizing your ROI (return on investment).
3. Highly effective. Has won numerous industry awards. Beat Cisco and Checkpoint in InfoWorld magazine product review, Beat IBM and Computer Associates in Linux World for Best Security Application.
4. Integrated management platform features an intuitive browser-based interface and one-step updates for rapid deployment and easy management.
5. Can be installed in under 15 minutes or purchased pre-installed on security appliances.
6. Can start with firewall, VPN and spam protection and add other security applications as needed, seamlessly.
7. Runs as a dedicated application server on top of a hardened operating system, which relieves operating system management headaches.
8. Runs on systems ranging from small devices up to large multi-processor systems utilizing gigabytes of memory.
9. Redundant systems can be configured to provide high availability and automatic failover in case of hardware or network failures.
10. Load balancing improves performance - traffic shaping can set priorities by network, service and protocol.
11. Logging, automatic backup, and diagnostic tools support high reliability.
12. Free online evaluation workshop to get you started.

Enhancements:

1. Major New Things:
   • Intrusion Protection Performance
   • Uses new version of the IPS engine
   • Scales massively when used with Multi-Core CPU/Appliances
   • Real-Time Bandwidth Monitor
   • New Interface utilization bars on Dashboard (setup scale via QOS)
   • Click for detailed overview as to "whats happening in my network right now"
   • Import/Export Widget
   • Gives the ability to work with manual lists for many features/fields
   • Useful to import a large blacklist (for example) into the URL Blacklist
   • Can been seen in many user-input boxes in Web, Mail and more. (Green Up/Down Arrows)
   • Clone Objects
   • Easily duplicate existing objects for quick re-use.
   • Supported in most places for many objects (Definitions, Services, Certain Profiles/Actions)
   • Extended Network Security Reporting
   • Added Detailed Packet Filter/Firewall Reports
   • Added Detailed IM/P2P Reports
   • Reputation Support for Web Security
   • Allows use of the trustedsource.org reputation for Web Filtering
   • Documentation coming, for now visit their site/FAQ for more info on reputations
   • DHCP Improvements
   • Automatically map a current lease to a static assignment
   • Limit DHCP leases to those with static assignments only
   • Configurable DHCP lease time
   • Servers retain configuration when enabled/disabled
   • Multicast Routing Daemon
   • PIM-SM Routing support
   • More documentation on this implementation to come. Experiment with it and if it solves your needs.
2. Other New Things:
   • Windows SSL VPN Upgraded - New Client which supports X64 and many other options (download again via the UserPortal)
   • Improved HTTP Caching - Increases hit/usage rates and makes the cache more effective.
   • Quarantine/UserPortal Usability - Adds navigation to the bottom (supplementing the existing controls at the top), large amounts (250-1000) of displayed items per page, and sorting by subject line.
   • Default Definition for "Internet" - Allows to specify "Internet" as an object which will exclude internal network(s) to aid policy creation (0.0.0.0/0 on Gateway interface)
   • Customizable Shortcuts - Change the default Ctrl assignments to fit your preference
   • Improved Definition/Services Sidebar - Mouseover now instantly shows full name and extended info to aid identifying desired object for drag n drop.
   • User List shows static IPs - if assigned/configured (no need to edit in order to view)
   • Live Log Negation - use to filter live logs to not show lines that match "-" entries i.e. -test to remove lines containing "test"
   • Console/SSH Logins Trigger a notification - provides admin the needed insight when accessed.
   • Instant Email Backup - Button for every created backup file which allows it to be sent immediately via email to configured addresses
   • Custom text for notifications - Allows easier identification of which installation is sending the message. Especially useful if managing multiple sites using notifiers.
   • Test NTP Sync - Button to immediately poll the configured NTP server
   • Automatic Backup before Up2Date install
   • Configurable Default for Lists - Allows for the amount of items per page (Packet Filter Rules, or anywhere there is a number amounts drop down) to have a larger default view
   • Cluster/HA Serial Number View - Information on connected units made easier
   • Schedule Firmware Installation - When an Up2Date for Firmware is available, you can schedule it to auto-install at a certain time (not a recurring setting)
   • WebAdmin Network Section Split - Now two sections; "Network" and "Network Services" for usability.
   • Search Boxes Retain Data - No need to re-enter query when returning from a drill down/result click.
   • System Restart Reason - Allows logging of "why was system restarted" in the notification
   • Group Tool tips for Members - Easily discern Network/Service Group members without having to edit in order to view
   • Reporting Exclusions - Used to remove unwanted entries from various reports (such as Google-analytics from Web Security tables
   • Log Flag for NAT Rules - Similar to packet filter, tells you which NAT rule was matched as part of traffic handling
   • Masquerading for Additional IP Addresses - Allows the use of Masquerading (vs. just SNAT) for additional IPs bound to an interface
   • Support for Multiple Authentication Servers - The authentication server section has been redesigned to support fallback/failover in an easier format, with many usability improvements
   • SNMP MIB - Downloadable via the SNMP section of WebAdmin
   • Up2date Status Reworked - Clarifies the current status of a Firmware Up2date to avoid confusion regarding the availability, download progress etc...of an issued Up2date.
   • Inline/Snap Report Links - Directly moves the Admin to the relevant details report when browsing the embedded daily reports located throughout WebAdmin
   • Global POP3 Sender Blacklist - Quarantined as "other" in the QM/EUP
   • Dashboard RSS Feed - Provides visibility to select Astaro-issued items via WebAdmin
   • Other magic features, enhancements, and usability improvements