The Gibraltar Security Gateway is yet another good open-source based security product. It contains a few proprietary bits, but the majority of it is genuine open source. It comes in several versions at different price points. While the (non-proprietary) source code is readily available from its download sites, the company also offers a free-for-personal-use edition for up to five network devices.
Gibraltar supports the usual menu of features on border security devices: firewall, VPN, LDAP and Active Directory integration, Web content filter, bandwidth management, anti-malware, an anonymization gateway for Web surfers, and captive portal for wireless authentication.
Gibraltar comes as software only, or bundled with hardware. The software can runs from a CD-ROM, USB drive, Compact Flash or hard disk. There are five different Gibraltar hardware options. The smallest is the GSG400 firewall, which is designed for small networks. The operating system, which is based on Debian Linux, is stored on Compact Flash. It supports Fast Ethernet and makes a nice VPN gateway. At the other end of the scale is the GSG3600. This is a 1U rackmount unit that contains a feast of goodies — seven Gigabit Ethernet ports and a hard drive in addition to the Compact Flash storage — and can be used as a proxy server.
All Gibraltar boxes come with a DB-9 port for proper serial console administration as well as a Web control panel that runs over Ethernet.
Gibraltar’s hardware comparison page has some interesting numbers that show how different services affect throughput. The stateful firewall slows things down a bit, but it’s the anti-virus software that really slows things down. For example, GSG3600 delivers 2000 Mbit/s when it’s used as just a firewall, but adding anti-virus scans puts the brakes on severely- 130 MByte/s. This type of performance hit is not unique to Gibraltar.
Visit Gibraltar.at for downloads, pricing and documentation.
This article was first published on ServerWatch.com.