Storm Firewall
Stormix manufacturers a stand-alone version of Linux (Storm Linux) as well as a firewall package (cleverly called Storm Firewall) which sits on top of their Linux. As a low-priced firewall, Storm Firewall may be one of the Linux sleepers of the year. There’s no need to talk about why you need a firewall: if you connect to the Internet, get one. If your connection machine is a Linux box or you need a dedicated firewall, this is probably the best on the market under $1,000!
The Storm Firewall package includes two thin perfect bound manuals (one for Storm Linux and one for the firewall itself), a CD-ROM, and two diskettes for drivers. Storm Linux installs quickly and easily recognizing the same hardware setups as most current versions of Linux. The firewall software sits on top of Storm Linux and adds firewall and proxy capabilities. The vast majority of the Storm Firewall manual is a description of firewall capabilities and installation, with only a fraction devoted to the firewall configuration itself. This isn’t because the developers were lax in their documentation task, but because most of the configuration has been taken care of by careful design of the interface.
Storm Firewall is designed to function under both KDE and GNOME and we found no differences in behavior or performance with either window environment. The Storm Linux software itself proved stable and fast, certainly on a par with the best of the distributions.
The installation on our test 500MHz PIII system took about an hour (including Linux installation), and configuring the firewall itself literally took five minutes. Granted, we’re familiar with firewalls, but anyone can read prompts and decide what they want to allow and prevent through the firewall. It’s almost as literally easy as that: do you want to allow FTP through; what about telnet, and so on. The easiest configuration process is with the Firewall Wizard which asks a few basic questions then configures itself to suit the most common requirements. If you need to toggle a few items on or off, there’s a set of options dialogs that give you that control. If you need more, you can even edit the rules used by the firewall at the chains level, giving you control usually found only in far more expensive packages. The manual steps you through all these steps easily with good descriptions and screen images.
The security provided by Storm Firewall is excellent. We tried all the traditional hacking techniques as well as some more advanced methods such as IP fragmentation. Storm Firewall blocked all entry attempts and didn’t swamp itself to a core dump with denial of service routines or attempts at TCP stack overloads. While it’s probably possible to get through Storm Firewall somehow, in our tests with standard hacking software we didn’t get through.
There are some things not included with Storm Firewall, such as the ability to set up Virtual Private Networks, but for the price the included software is a bargain. There’s little else to say about Storm Firewall: it’s fast, clean, easy to configure, and works. That’s exactly what you want from your firewall software.
Storm Firewall
Stormix
Suite 165
10180 Telesis Court
San Diego
CA 92121
800-STORMIX
858-623-9137
858-623-9140 fax
http://www.stormix.com
Summary: Likely the best inexpensive firewall package for Linux servers. Easy to configure, bulletproof, and fast.
Copyright © 1995- Tim Parker Consultant Incorporated. All Rights Reserved.