Firewall Wizards mailing list archives

GNAT Box


From: "Logan Hansen" <llhansen () adams edu>
Date: Fri, 04 Dec 1998 14:30:19 -0700

What do you have to say about the GNAT Box?  It almost looks like a Linux box with IP masq enabled with something like
IPFWADM or FWTK set up on it.  On the plus side, it's designed to run off a single floppy (Linux Router Project?)!

Here's the HYPE (Selected from www.gnatbox.com/pages/faq.html):

GNAT Box is the technological outgrowth of GTA's ICSA (formerly the NCSA)
Certified GFX Internet Firewall System. Although the GNAT Box doesn't have all the
features and functionality of its parent, it still retains the stateful transparent packet
inspection technology of the GFX system. In its default configuration the GNAT Box
does not accept unsolicited connections from the external network. The GNAT Box is
an "in band proxying firewall", which means that TCP and UDP based applications can
pass packets transparently through the GNAT Box system without needing modified
(special) clients or servers. We use the term "proxy" because the GNAT Box monitors
all communications levels including the application level.

The GNAT Box system supports three types of filters: Remote
Access Filters, Outbound Filters, and IP Pass Through Filters. The built-in implicit rule
for the GNAT Box system is, "That which is not expressly permitted is denied."
Therefore, if no filters of any type were defined, packets would not be allowed to flow
to or through (inbound and outbound) the GNAT Box system. 

The GNAT Box system provides transparent operation of many VPN
implementations. Two of the most common VPNs: Microsoft Corporation's PPTP and
Data Fellows SSH are supported transparently. Other VPN solutions, such as
hardware based systems, typically operate transparently with the GNAT Box system.

GNAT Box is transparent to standard TCP and UDP applications. GNAT Box also
supports difficult applications that require both inbound and outbound connections
like:

                        FTP (normal and PASV) 
                        RealAudio/RealVideo 
                        Vxtreme 
                        Vosaic 
                        CU-SeeMe 
                        StreamWorks 
                        VDOLive 
                        VIVOActive 
                        True Speech 
                        NTT AudioLink 
                        NTT SoftwareVision 
                        RSTP Applications 
                        Yamaha MIDPlug 
                        Microsoft PPTP 
                        Microsoft NetShow 
                        ICQ 
                        Quake II 
                        Net2Phone 


