Free firewalls often suffer from a few of the same class problems:

Weak or missing logging and alerting features
No real-time firewall monitoring capability
Weak or missing graphical user interface
Difficult command prompt-based configuration

These problems all stem from the fact that the software is developed primarily by a single individual or small team rather than by a corporation. Small teams don't have the time or money to spend on ancillary problems like ease of use or sophisticated alerting and logging mechanisms. These features, when present, are nearly always provided by an add-on package developed by a different developer. Free software is developed for people who deeply understand the problem to be solved and the operating system upon which the software runs. With network security being a strong point but ease-of-use being a weakness of these free packages, several companies have built businesses around "finishing" the free firewalls and selling the result. If you look closely, you'll find that under the hood of many of the commercial firewalls a Linux or BSD kernel running IPChains or ipf. For plug-and-play security that may be the better solution, but if you're not afraid to roll your own firewall, then this could be for you.

[ Read more ]

Related items

• Review: SonicWALL Pro (9 June 2003)
• Article: Interview with Lisa Yeo, author of "Personal Firewalls for Administrators and Remote Users" (30 March 2003)
• Review: Personal Firewalls for Administrators and Remote Users (13 March 2003)
• Article: Interview with Aviel Rubin, Computer Science Professor at Johns Hopkins University and Technical Director of the JHU Information Security Institute (26 February 2003)
• Review: Firewalls and Internet Security: Repelling the Wily Hacker 2/e (30 January 2003)
• Review: Cisco Secure PIX Firewalls (28 January 2003)