Proxies, opensource and the general market: what's wrong with us?

[ArkanoiD <ark () eltex net>]

In early days, proxy firewalls and opensource (or just "crystal box" :-) solutions dominated the market.

Now both are either extinct or forced to an ulgy low end (for opensource, it usually means having no
security-centric framework, no common API, no real code review -- just a bunch of "functionally fit"
free things installed on a linux box with some simple web interface). For proxy firewalls the future is
even more questionable. Multiple state-of-the-art technology leaders were merging (quite obviously being
unable to stay competitive with cheapo crap) until there was only One left.. SC, later bought by McAfee.
And now McAfee is owned by Intel and it seems to show no interest in high end firewall solutions at all,
they seem to think they just bought an "antivirus company".

I asked guys on LinkedIn (having to admit LinkedIn security community sucks big time, some sane people are still there 
:-)
, if they still have some interest in opensource firewall solutions. The short answer
was "NO". The long ones were:

-- It is all about performance, we want as many Gbits per $ as possible, so ASIC is only way

-- It is all about features and support, no free solution fits.


And the second point seems to be pretty valid. We have *NO* product that is a match for current "market leaders".
It does not mean it is impossible: it is quite obviously possible, but we still do not have it.

You may take OpenFWTK, Prelude, Snort, ClamAV, some unix of you choice and.. still not get really the same.
Protocol support is not that good, no common management interface and not really ready for enterprise which 
is not full of geeks at all, management overhead and TCO are going to jump up beyond any reasonable limit.

OpenDLP is just a sad joke, running a bunch of regexps against your data is not the thing to be called DLP.

As I am still running the OpenFWTK project, I have to admit I get little to *NO* support form Opensource community.
The single reason the project is still alive is occasional donations and paid feature requests from *commercial* 
vendors who
use some OpenFWTK components in their products. Maybe once a year or two I receive a bug report or even a patch or some 
half-baked 
piece of documentation. I appreciate that, but most of the times I never hear from those people again.
Despite that, Sourceforge shows several downloads/checkouts daily, but the feedback is close to zero. Once I googled for
OpenFWTK I found some japanese site with patches they did not bother even to send me, and there was no contact email and
no way to send them any questions as comment form was protected with captcha in japanese!


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards