BorderWare Firewall Server 6.1.1
- By Chip Andrews
BorderWare’s Firewall Server 6.1.1 is an interesting solution
to the problem of making sure the firewall remains in action—it
wipes out anything that existed beforehand on the partition where
the product is to be installed, then installs the firewall and its
operating system in that space. BorderWare’s hardened version
of BSD Unix is all that exists on the firewall server and is managed
at the console or via a Windows 9x/NT client package called BWClient.
This approach is actually quite secure because it keeps administrators
from installing extraneous software and drivers on a machine that
should be dedicated strictly to firewall duty.
I will say that for Windows administrators, installing Firewall
Server may prove a bit tricky, although it shouldn’t pose a
real problem to anyone remotely familiar with Unix. If, however,
you’re using SCSI drives or need a particularly complicated
partition configuration, be prepared to perform some fairly technical
drive geometry details. The console itself isn’t exactly user-friendly
and GUI administrators will immediately abandon it in favor of BWClient.
By the way, the fade effects on the HTML-based documentation slowed
and annoyed me to no end. (Is anyone at BorderWare listening?)
Firewall Server boasts a solid set of robust features including
NAT, remote administration, application proxies, and access control
rules. But it lacks Windows integration, so access control was limited
to IP addresses. Still, if you don’t require tight integration
between your firewall and Windows, Firewall Server is a scalable,
stable, and configurable option.
Chip Andrews, MCSE+I, MCDBA is a software security architect at (Clarus Corp.). Chip maintains the (sqlsecurity.com) Web site and speaks at security conferences on SQL Server security issues.