“This is rounded out using a small number of commercial
applications and software developed in-house by Astaro. Plug in an
Astaro box and you’re actually using the open-source
netfilter/iptables framework for firewall protection, the de-facto
standard open-source Snort intrusion protection and detection
system, and StrongSWAN (IPSec) OpenVPN (SSL) and PopTop (PPTP)
open-source VPN servers.“But what’s clever about the Astaro Security Gateway is that all
of the underlying applications – open-source and proprietary — are
effectively invisible to anyone managing it: Configuration for all
applications is done using Astaro’s easy-to-use GUI (either
directly, or via configuration wizards.) For example, trying to
configure Snort from the command line is not for the fainthearted,
but using Astaro’s interface it’s possible to make the system (for
example) notify the administrator or to drop packets if it detects
port scans in a matter of seconds. Equally, you could set up the
firewall to provide (some) protection from DDOS attacks by
specifying that no machine on the network should have to process
more than a set number of TCP SYN packets or receive more than a
set number of ICMP pings every second just by pointing and
clicking.”
Astaro Appliances Take the Sting out of Security
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis