www.demarc.org (ids snort and interface) this could monitor a cluster of astaro's. we are using this in netbsd and it rocks, makes an average firewall really shine and a great one dominate.
Redundant active firewall / session failover like checkpoint (the ability to fail over to another box when one firewall goes down. share session information through isolated network with encryption. this would allow sessions to fail over when one box goes down and therefore users would not have to log back in and re-authenicate.
acitve local / remote (vpn) session info. display with ability to disconnect user temp. or perm. have to be able to monitor remote vpn betther with reverse dns. be able to push messages to users both remote/local
more proxy support H323,AOL, ping, rpc, telnet, ssh2,ssl,vpn-ipsec-proxy etc(to allow more than one tunnel under Nat) inbound VPN PAT to forward vpn connections to a astaro box behind a firewall running Nat with rfc1918 addresses..... proxy and vpn load balancing against a VIP of astaro's. (both incomming and outgoing requests load balance)
priority routing for users / groups in Lan, Wan and Extranet VPN sessions.
hardware accelerators for vpn ipsec encryptions.
smart card authenication
reworked lincense price for small home, business networks.
A netbsd and or openbsd version. Even checkpoint is now seeing how many customers want bsd ports for firewall-1.
[ 30 November 2001: Message edited by: EaSyToKeR ]
[ 30 November 2001: Message edited by: EaSyToKeR ]
[ 30 November 2001: Message edited by: EaSyToKeR ]
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.