Firewall Software & Tools

Firewalls (perimeter security)  are clearly 101 Cybersecurity. There are a ton of options out there; here are a few recommended solutions for 2019. 



rock solid walls

Firewalls as a technical term, when applied to Cybersecurity, is possibly one of the greatest ever ‘marketing coups’ with regards to its’ perception. The term ‘Firewall’ conjures up an instant imagine of protection and security but alas nothing could be further from the truth. Firewalls are only as good as the human being behind it. The IT Team (perhaps ‘Security Team’) that manage the Firewall(s) will need to set-up rules for ingress and egress traffic as well as ensuring that the ruleset is all configuring correctly.

The patching of Firewalls is also of vital importance so just simply stating that you ‘have a Firewall so I’m ok!’ is a misnomer.

In this resource we list a bunch of Firewall solutions that we’d recommend. There are many (read: hundreds) of different Firewall solutions, vendors and strategies so tread carefully with this list.

The pricing of Firewalls and indeed all affiliated software connected therein (such as SOC Software) for example varies tremendously from it being Open Source, to it being extremely expensive.


Tool Category: Firewalls


What is Netfilter?
Netfilter is a classic Firewall hacking tool used by many within the cybersecurity industry. The tool (framework) essentially filters packets inside Linux 2.4.x and later kernels. Netfilter is a series of hooks inside the Linux kernel that allows kernel modules to perform callback functions within the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack. iptables is a generic table structure for the definition of rulesets. Each rule within an IP table consists of a number of classifiers (iptables matches) and one connected action (iptables target). netfilter, ip_tables, connection tracking (ip_conntrack, nf_conntrack) and the NAT subsystem together build the major parts of the framework.

Is Netfilter Free?

Does Netfilter Work on all Operating Systems?
Its only for Linux operating systems.

What are the Typical Uses for Netfilter?
Netfilter allows the user to filter packets, network addresses along with ports, translations (within the NA[P]T protocols) and other packet auditing.


Tool Category: Firewalls


What is OpenBSD PF?
Packet Filter is this hacking tool’s method for filtering TCP/ IP traffic and running Network Address Translation. PF is also capable of normalizing and conditioning TCP/IP traffic and providing bandwidth control and packet prioritization. Packet Filtering has been a part of the ‘GENERIC OpenBSD kernel’ since OpenBSD 3.0. Previous kernel versions of OpenBSD shipped with a different firewall/ NAT that is no longer supported.

Is OpenBSD PF Free?
Yes, this product is absolutely free.

Does OpenBSD PF Work on all Operating Systems?
Just like netfilter, OpenBSD only works for Linux operating systems.

What are the Typical Uses for OpenBSD PF?
A lot of users love OpenBSD due to the fact that it handles networks address translation, gives you a bandwidth control, packet proritazation and can normalize TCP/IP traffic. Users of this tool will have access to features such as passive OS detection.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.