Firewall Builder is a GUI firewall configuration and management tool that supports iptables (netfilter), ipfilter, pf, ipfw, Cisco PIX (FWSM, ASA) and Cisco routers extended access lists. Both network administrators and hobbyists managing firewalls with policies more complex that is allowed by simple web based UI can simplify management tasks with the application. The program runs on Linux, FreeBSD, OpenBSD, Windows and Mac OS X and can manage both local and remote firewalls. The GUI and policy compilers are completely independent, this provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf and Cisco PIX.
Feature of Firewall Builder
* Being truly vendor-neutral, Firewall Builder can generate configuration file for any supported target firewall platform from the same policy created in its GUI. This provides for both consistent policy management solution for heterogeneous environments and possible migration path.
* All configuration management operations can be performed from one central place, Firewall Builder GUI. You can create configuration, track its changes using built-in revision control system and deploy it to one or several firewall machines. Yet, it creates configuration for all supported firewall platforms in their standard format, which makes it easy to integrate with existing automation scripts.
* Firewall Builder runs on Linux, FreeBSD, Windows (XP and Vista) and Mac OS X. This means administrator can use a laptop or workstation running any OS they are comfortable with to manage Open Source firewalls such as iptables, ipfilter, ipfw, pf or commercial firewalls such as Cisco PIX/ASA and Cisco routers access lists.
* Firewall Builder helps administrator manage many firewalls using the same network object database. Change made to an object is immediately reflected in the policy of all firewalls using this object. Administrator only needs to recompile and install policies on actual firewall machines.
* Object-oriented approach simplifies policy design and management for both dedicated firewalls and on-server firewalls. This aids in implementaion of security in depth.
* Built-in interactive installer uses ssh to communicated with the firewall and can automatically copy generated policy and activate it. Installer supports batch mode of operation and can update policy on multiple firewalls in one session.