A multi-platform firewall management and configuration tool
Firewall Builder is a multi-platform firewall management and configuration tool.
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy edsing simple drag-and-drop operop operations.
Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX. Technical summary of features supported by the policy compilers for all platforms can be found in the section "Modules" (see menu on the left).
Being truly vendor-neutral, Firewall Builder can generate configuration file for any supported target firewall platform from the same policy created in its GUI. This provides for both consistent policy management solution for heterogeneous environments and possible migration path.
With the additional purchase of Firewall Builder for PIX, Firewall Builder functions as a sophisticated policy management software for Cisco PIX firewall with access to all functions of PIX including newest features added in v7.x.
Firewall Builder for Cisco IOS Access Lists, another add-on module, adds support for router access lists and turns Firewall Builder into complete solution for the multi-tiered network security.
Firewall Builder allows for management of multiple firewalls using the same network object database. Change made to an object is immediately reflected in the policy of all firewalls using this object. Administrator only needs to recompile and install policies on actual firewall machines.
In Firewall Builder, administrator works with an abstraction of firewall policy and NAT rules; software effectively "hides" specifics of particular target firewall platform and helps administrator focus on implementation of security policy.
Backend software components, or policy compilers, can deduct many parameters of policy rules using information available through network and service objects and therefore generate fairly complex code for the target firewall, thus relieving administrator from having to remember all its details and limitations. Policy compilers can also run sanity checks on firewall rules and make sure typical errors are caught before generated policy is deployed.
Limitations:
· 30 days trial
What's New in This Release
GUI Updates:
· Built-in policy installer now works with HP Procurve switches. Currently installer can only execute generated configurarion lines one-by-one on the switch; installation method using scp that is available for Cisco routers is not supported yet. This has been tested with Procurve firmware K14.31 on ProCurve J9470A Switch 3500-24. Caveat: manager access should not be configured with user name (that is, no "password manager user-name foo")
· fixed #1683 When user creates new firewall using snmp scan, fwbuilder will now guess and assign the type to interfaces that look like vlans for the given platform and host OS.
· fixed #1683 class procurveInterfaces interprets interface "DEFAULT_VLAN" as vlan interface with vlan id 1.
Changes in support for iptables:
· fixed #1693 SF bug 3048516 "NAT rule with 'Use SNAT instead MASQ' doesn't work". NAT rule using combination of the option "Use SNAT instead of MASQ", dynamic address of an interface and source port translation produced ...
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy edsing simple drag-and-drop operop operations.
Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX. Technical summary of features supported by the policy compilers for all platforms can be found in the section "Modules" (see menu on the left).
Being truly vendor-neutral, Firewall Builder can generate configuration file for any supported target firewall platform from the same policy created in its GUI. This provides for both consistent policy management solution for heterogeneous environments and possible migration path.
With the additional purchase of Firewall Builder for PIX, Firewall Builder functions as a sophisticated policy management software for Cisco PIX firewall with access to all functions of PIX including newest features added in v7.x.
Firewall Builder for Cisco IOS Access Lists, another add-on module, adds support for router access lists and turns Firewall Builder into complete solution for the multi-tiered network security.
Firewall Builder allows for management of multiple firewalls using the same network object database. Change made to an object is immediately reflected in the policy of all firewalls using this object. Administrator only needs to recompile and install policies on actual firewall machines.
In Firewall Builder, administrator works with an abstraction of firewall policy and NAT rules; software effectively "hides" specifics of particular target firewall platform and helps administrator focus on implementation of security policy.
Backend software components, or policy compilers, can deduct many parameters of policy rules using information available through network and service objects and therefore generate fairly complex code for the target firewall, thus relieving administrator from having to remember all its details and limitations. Policy compilers can also run sanity checks on firewall rules and make sure typical errors are caught before generated policy is deployed.
Limitations:
· 30 days trial
What's New in This Release
GUI Updates:
· Built-in policy installer now works with HP Procurve switches. Currently installer can only execute generated configurarion lines one-by-one on the switch; installation method using scp that is available for Cisco routers is not supported yet. This has been tested with Procurve firmware K14.31 on ProCurve J9470A Switch 3500-24. Caveat: manager access should not be configured with user name (that is, no "password manager user-name foo")
· fixed #1683 When user creates new firewall using snmp scan, fwbuilder will now guess and assign the type to interfaces that look like vlans for the given platform and host OS.
· fixed #1683 class procurveInterfaces interprets interface "DEFAULT_VLAN" as vlan interface with vlan id 1.
Changes in support for iptables:
· fixed #1693 SF bug 3048516 "NAT rule with 'Use SNAT instead MASQ' doesn't work". NAT rule using combination of the option "Use SNAT instead of MASQ", dynamic address of an interface and source port translation produced ...
| Developer: License / Price: Size / OS: Last Updated: | NetCitadel LLC Trial / USD 120.00 16.8 MB / Windows 2K / XP / Vista / 7 August 25th, 2010 |
| Download: | Firewall Builder 4.1.1 Build 3243 |