November 17, 2011 - [[[[ (5) Phase Secure Network Backbone/Circuit ]]]]

TSCS Implemented Security Products

Here's a list of some of the products I use in building, maintaining and securing my networks:

* Axigen Free Mail Server [Nothing short of EXCELLENT]

Axigen is an integrated email, calendaring & collaboration platform, masterfully built on our unique Linux mail server technology, for increased speed & security.

* Linux Mint OS [An OS doesn't get any better than Mint:]

Linux Mint is a Linux-based operating system for computers. Linux Mint is available in several editions with different codebases, all of which are ultimately based on Debian. Linux Mint focuses on usability and ease of installation, particularly for users with no previous Linux experience.

Linux Mint is composed of many software packages, of which the vast majority are distributed under a free software license (also known as open source). The main license used is the GNU General Public License (GNU GPL) which, along with the GNU Lesser General Public License (GNU LGPL), explicitly declares that users are free to run, copy, distribute, study, change, develop and improve the software. Linux Mint also includes some proprietary software, such as the Adobe Flash plugin, and uses a Linux kernel that contains binary blobs. Linux Mint is funded by its community of users. Individual users and companies using the operating system act as donors, sponsors and partners of the distribution. The financial support from the community and advertising on the website helps to keep Linux Mint free and open source.

* Zentyal UTM - Linux Small Business Server  [No. (1) in UTMs]

Zentyal can act as a Gateway, Infrastructure Manager, Unified Threat Manager, Office Server, Unified Communication Server or a combination of them. One single, easy-to-use platform to manage all your network services. Also, performs the following roles; Active directory Automatic failover Backup Centralized management Certification authority DHCP DNS Dashboard Filtering Firewall Groupware HTTP proxy IM Infrastructure Intrusion detection system LDAP replication Load balancing Mail server Monitoring Multi-gateway support NAT NTP Network Open Source Reporting Resource sharing Routing / Router Server Small business Traffic rate Traffic shaping Users and groups VLAN VPN VoIP Web server Workgroup

* SmoothWall Express 3.0   [EXCELLENT perimeter product]

The SmoothWall Open Source Project was set up in 2000 to develop and maintain SmoothWall Express - a Free firewall that includes its own security-hardened GNU/Linux operating system and an easy-to-use web interface.

* Endian UTM [Nice perimeter product and getting better]

Endian UTM Software offers the same technology that resides in the Endian Unified Threat Management (UTM) appliances, allowing you to turn any PC into a full-featured security appliance. Unleash the power of Endian UTM using your preferred hardware to enable comprehensive security for your entire network infrastructure. Integrated security services such as stateful inspection firewall, VPN, gateway anti-virus, anti-spam, web security, and email content filtering offer granular protection in a single system, reducing management time and costs. Endian designed the Software UTM to meet the needs of every business from small to large.

* Untangle UTM [Great gateway product/filter and getting better]

Untangle provides a secure Internet Gateway that acts as your first line of defense against all of these risks. The Untangle Gateway puts you back in control. Our web filtering solutions ensure that employees can only see what you want them to see online, avoiding the risk of one of your staff being offended by a colleague’s web browsing. These same web filters ensure that your staff stay focused on work-related matters, too, especially whilst you’re out of the office meeting with clients. At the same time, Untangle protects the computers in your business from outside attacks. By preventing unwanted intrusions into your network and protecting against Trojans entering your systems, you protect against loss of customer data.

* Vyatta - Firewall - IPS [Another great perimeter product with firewall/ips]

The free community Vyatta Core software(VC) is an award-winning open source network operating system providing advanced IPv4 and IPv6 routing, stateful firewalling, IPSec and SSL OpenVPN, intrusion prevention, and more. When you add Vyatta to a standard x86 hardware system, you can create an enterprise grade network appliance that easily scales from DSL to 10Gbps. Vyatta is also optimized to run in VMware, Citrix XenServer, Xen, KVM, and other hypervisors, providing networking and security services to virtual machines and cloud computing environments. Vyatta has been downloaded over 600,000 times, has a community of hundreds of thousands of registered users and counts dozens of fortune 500 businesses among its commercial customers.

* IPFire [A new perimeter combo UTM product; could be the sleeper of UTMs]

IPFire is a server distribution with intended to use as a firewall. It focuses on flexibility, and scales from small to middle sized business networks and home networks.

Along with this hardened, minimalist come lots of addons that can be installed with a simple click. That's what makes IPFire different from other firewall distributions: it is easy to configure for any task, and easy to administer once it's set up.

* IPCop [A nice perimeter product thats been around a long time]

The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.

* Webmin [EXCELLENT server tool; a must for any admin]

Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more. Webmin removes the need to manually edit Unix configuration files like /etc/passwd, and lets you manage a system from the console or remotely.

* Superb Mini Server [A great free tool for your network]

A Linux operating system console based and manageable through Webmin web-based interface... Although described as a mini server, have all the features of a powerful server such as apache2, sendmail, postfix, spamassassin, clamav, squid, iptables, MailScanner, mysql, cups and lot of other server packages.

SMS also features TorrentFlux, a powerful php based bit torrent client that can be managed from anywhere, making this server not only server administrators interest, but simple users too that want to download torrents safe and secure.

SMS is based on Slackware 13.1 (Since version 1.5.1)

* CentOS [A great free tool for your network]

CentOS is an Enterprise-class Linux Distribution derived from sources freely provided to the public by a prominent North American Enterprise Linux vendor. CentOS conforms fully with the upstream vendors redistribution policy and aims to be 100% binary compatible. (CentOS mainly changes packages to remove upstream vendor branding and artwork.) CentOS is free.

CentOS is developed by a small but growing team of core developers. In turn the core developers are supported by an active user community including system administrators, network administrators, enterprise users, managers, core Linux contributors and Linux enthusiasts from around the world.

CentOS has numerous advantages over some of the other clone projects including: an active and growing user community, quickly rebuilt, tested, and QA'ed errata packages, an extensive mirror network, developers who are contactable and responsive, multiple free support avenues including IRC Chat, Mailing Lists, Forums, a dynamic FAQ.

* Ubuntu Server Edition [An EXCELLENT tool for your network]

Ubuntu (pronounced /ʊˈbʊntuː/) is a computer operating system based on the Debian GNU/Linux distribution and distributed as free and open source software. It is named after the Southern African philosophy of Ubuntu ("humanity towards others").

With an estimated global usage of more than 12 million users, Ubuntu is designed primarily for desktop use, although netbook and server editions exist as well. Web statistics suggest that Ubuntu's share of Linux desktop usage is about 50%, and indicate upward-trending usage as a web server.

Ubuntu is sponsored by the UK-based company Canonical Ltd., owned by South African entrepreneur Mark Shuttleworth. Canonical generates revenue by selling technical support and services tied to Ubuntu, while the operating system itself is entirely free of charge.

Lean, fast and powerful, Ubuntu Server delivers services reliably, predictably and economically – and it easily integrates with your existing infrastructure. Tighten security by defining access to specific users and programs. Uncomplicated firewall technology makes access secure yet simple, while a home and private directory encryption service adds another layer of security.

* OSSEC [Free IDS]

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows.

* Wireshark [A EXCELLENT tool and a must for any serious traffic analysis]

Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

* Snort [Industry standard IDS/IPS (periord)]

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and approximately 300,000 registered users, Snort has become the de facto standard for IPS.

* Nmap [One of the best network scanners ever]

Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are avalable for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), and a utility for comparing scan results (Ndiff).

* Nessus Scanner [A EXCELLENT network scanner]

The Nessus® vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.

* LibreOffice   "A Free Open Source Office Suite"

LibreOffice is the free power-packed Open Source personal productivity suite for Windows, Macintosh and Linux, that gives you six feature-rich applications for all your document production and data processing needs: Writer, Calc, Impress, Draw, Math and Base.

* OpenOffice  "A Free Open Source Office Suite"

OpenOffice.org 3 is the leading open-source office software suite for word processing, spreadsheets, presentations, graphics, databases and more. It is available in many languages and works on all common computers. It stores all your data in an international open standard format and can also read and write files from other common office software packages. It can be downloaded and used completely free of charge for any purpose.