Firewall Wizards mailing list archives
Proxies, opensource and the general market: what's wrong with us?
From: ArkanoiD <ark () eltex net>
Date: Sun, 24 Apr 2011 21:27:34 +0400
In early days, proxy firewalls and opensource (or just "crystal box" :-) solutions dominated the market. Now both are either extinct or forced to an ulgy low end (for opensource, it usually means having no security-centric framework, no common API, no real code review -- just a bunch of "functionally fit" free things installed on a linux box with some simple web interface). For proxy firewalls the future is even more questionable. Multiple state-of-the-art technology leaders were merging (quite obviously being unable to stay competitive with cheapo crap) until there was only One left.. SC, later bought by McAfee. And now McAfee is owned by Intel and it seems to show no interest in high end firewall solutions at all, they seem to think they just bought an "antivirus company". I asked guys on LinkedIn (having to admit LinkedIn security community sucks big time, some sane people are still there :-) , if they still have some interest in opensource firewall solutions. The short answer was "NO". The long ones were: -- It is all about performance, we want as many Gbits per $ as possible, so ASIC is only way -- It is all about features and support, no free solution fits. And the second point seems to be pretty valid. We have *NO* product that is a match for current "market leaders". It does not mean it is impossible: it is quite obviously possible, but we still do not have it. You may take OpenFWTK, Prelude, Snort, ClamAV, some unix of you choice and.. still not get really the same. Protocol support is not that good, no common management interface and not really ready for enterprise which is not full of geeks at all, management overhead and TCO are going to jump up beyond any reasonable limit. OpenDLP is just a sad joke, running a bunch of regexps against your data is not the thing to be called DLP. As I am still running the OpenFWTK project, I have to admit I get little to *NO* support form Opensource community. The single reason the project is still alive is occasional donations and paid feature requests from *commercial* vendors who use some OpenFWTK components in their products. Maybe once a year or two I receive a bug report or even a patch or some half-baked piece of documentation. I appreciate that, but most of the times I never hear from those people again. Despite that, Sourceforge shows several downloads/checkouts daily, but the feedback is close to zero. Once I googled for OpenFWTK I found some japanese site with patches they did not bother even to send me, and there was no contact email and no way to send them any questions as comment form was protected with captcha in japanese! _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Proxies, opensource and the general market: what's wrong with us? ArkanoiD (Apr 25)
- Re: Proxies, opensource and the general market: what's wrong with us? Anton Chuvakin (Apr 25)
- Re: Proxies, opensource and the general market: what's wrong with us? ArkanoiD (Apr 25)
- Re: Proxies, opensource and the general market: what's wrong with us? Marcus J. Ranum (Apr 25)
- Re: Proxies, opensource and the general market: what's wrong with us? Magosányi Árpád (Apr 27)
- Re: Proxies, opensource and the general market: what's wrong with us? Tracy Reed (Apr 25)
- Re: Proxies, opensource and the general market: what's wrong with us? ArkanoiD (Apr 25)
- Re: Proxies, opensource and the general market: what's wrong with us? Tracy Reed (Apr 27)
- Re: Proxies, opensource and the general market: what's wrong with us? ArkanoiD (Apr 27)
- Re: Proxies, opensource and the general market: what's wrong with us? David Lang (Apr 27)
- Re: Proxies, opensource and the general market: what's wrong with us? Magosányi Árpád (Apr 27)
- Re: Proxies, opensource and the general market: what's wrong with us? ArkanoiD (Apr 25)
- Re: Proxies, opensource and the general market: what's wrong with us? Anton Chuvakin (Apr 25)