Installing and Testing Open Source Security Appliances

Abstract

The purpose of this thesis was to evaluate open source firewalls and compare them to commercial firewalls. The evaluation was done by testing two different firewall distributions called IPFire and OPNsense. The test results from these firewalls were documented and used to compare them with each other. The results were also used to discover the differences between open source firewalls and modern commercial firewalls.

The tests implemented on the open source firewalls aimed to find any weak points that could compromise the security of a network. The tests were focused on attributes such as usability, application detection, content filtering, throughput, antivirus, and IPS. In addition to these, many other things were reviewed to get an idea of what open source firewalls are capable of.

The testing and evaluation gave a clear insight into the current state of open source firewalls. Comparing the open source firewalls in this study, OPNsense was proven to be slightly more advanced. Overall, the open source firewalls in general still had a lot of room to improve. After comparing open source firewalls to commercial firewalls, the biggest difference seemed to be the sophistication of the threat prevention. Also, the ease of management gives commercial firewalls a big edge. The conclusion is that open source firewalls are suitable for smaller businesses because they are affordable and add moderate security. However, the level of security that open source firewalls provide is insufficient for bigger network environments.