iptables as a Replacement for Commercial Enterprise Firewalls
Dec 17, 2007, 11:30 (0 Talkback[s])
(Other stories by John C. A. Bambenek)
"With IT budgets getting tighter, managers need to trim costs.
Service contracts are expensive for any technology; firewalls are
no exception. Netfilter, the project that provides the packet
filtering program iptables, is a free firewall alternative. While
it lacks the service contract of commercial solutions and a pretty
interfaces to make firewall modification easy, it has solid
performance, performs effectively at firewalling, and allows for
add-on functionality to enhance its reporting and response
"As a case study to demonstrate the feasibility of iptables as
an enterprise firewall, consider the network I manage at University
of Illinois at Urbana-Champaign..."