Public Profile of Mosudi Isiaka O.

Open Source Firewall

Opensource Technology: A cost saving option

Firewall gateway requirements

Firewall
Port forwarding
Network Address Translation(NAT)
Redundancy/Fail over
Virtual Private Network(VPN)
Intrusion Detection systems(IDS)

There were three main servers on which the TCMS (Transaction Control and Management server) was based namely:

Automated Fingerprint Identification system(AFIS) server
Data base Server
Web Server

They are critical to the smooth running of a digital mall. TCMS application runs on The Microsoft .NET Framework. Therefore, the most appropriate server platform was Window 2008 servers yet they were to be available for on site client software connection as well as remote site client software connections. The remote connection of the client software is primarily over the World Wide Web. Therefore, the need to be protected with firewall. The client TCMS software was designed in a manner to connect to the three services: AFIS, Database and Web services on a single host server:- i.e. same hostname/IP address yet each of the three were running on separate physical hardware. Likewise, the enterprise network requires that the different sets of server in all locations to bear same network address. The requirement for the scenario to be resolved involves: Firewall, NAT, Port forwarding, VPN, IDS and redundancy/failover.

Quick on your mind are:

Cisco PIX (Private Internet Exchange)Assure Managed Firewall
Checkpoint firewall
Astaro Security Gateway
Cyberoam

In all these solutions Cisco PIX owns the largest market share. With Linux we were able to put up a formidable firewall gateway with effective perimeter fence yet legitimate connections were made easy and straight forward, even for a regular windows server administrator. Each server were made available from behind the firewall for easy administration and network service. Above all the server administrators does not need to travel distance before having adequate desktop access to the corresponding servers for routine maintenance, emergency maintenance, administration and monitoring. The Firewall gateway itself has an intuitive web administration interface which makes it easy for non hard core network administrator to manage such firewalls. Above all, inexpensive X86 hardware would perform extremely well and at fraction of the price for alternative and traditional hardware firewall gears /applications. Each Firewall Gateway served as VPN endpoint for each network location and it was possible to have all servers on a private network. It was also possible for remote and mobile users and administrators to effectively connect to the TCMS application.

NB: This white paper was made with open source software-based applications.
Namely:

Operating System: Ubuntu Lucid 10.04 LTS on a gnome desktop environments
Word processor: OpenOffice.org
Graphics: Dia – a program for drawing structured diagrams Eye of GNOME
email: info@mioemi.com, imosudi@gmail.com
web: http://www.mioemi.com/firewall.html
Author: Mosudi Isiaka

Skills

I have demonstrated excellent skills in numerous aspects of Information and Communication Technology. A very good experience in Local Area Network implementation and management, from a simple network to a mid level complex network scenario of not less than one thousand Workstations deployed in more than single location.

System Automation( Ansible)Expert

Python & DjangoExpert

TCP/IP NetworkingExpert

Network Management & Traffic Engineering SystemsExpert

Storage ManagementExpert

Data Center Collocation Onboarding Pro

Linux Server AdministrationPro

Web & Mail Hosting InfrastructurePro

VirtualizationPro

Long Distance WirelessPro

Web DesignExpert

Credits

This responsive HTML5 CSS3 site template is handcrafted by UX designer Xiaoying Riley at 3rd Wave Media for developers and is FREE under the Creative Commons Attribution 3.0 License

Follow me