Running Linux and Netfilter on Nokia IP Series Hardware

    Date24 Apr 2003
    CategoryFirewalls
    4689
    Posted ByAnthony Pell
    Check Point Software Technologies has the largest market share of any firewall vendor with their Firewall-1 (FW-1) product, and Nokia manufactures several hardware appliances together with an operating system called IPSO to run FW-1. IPSO is based on FreeBSD, provides advanced . . . Check Point Software Technologies has the largest market share of any firewall vendor with their Firewall-1 (FW-1) product, and Nokia manufactures several hardware appliances together with an operating system called IPSO to run FW-1. IPSO is based on FreeBSD, provides advanced routing and failover capabilities and is extremely stable, with uptimes regularly running in the multiple hundreds of days. Nokia and Check Point together provide as close to a de facto standard for enterprise firewalls as possible in a field with such a diversity of security vendors. Of course, all of this comes at a price; Check Point makes a lot of money on both licensing fees and support contracts for Firewall-1. Then, as time marches on, Check Point stops supporting older versions of FW-1. This by itself does not force companies to upgrade to newer versions of FW-1, at least not until a security vulnerability or other bug is discovered. Firewall-1 is not open-source software and, hence, cannot be patched without Check Point's (paid) assistance.

    The purpose of this article is to illustrate a method for installing Red Hat Linux on a Nokia IP330 and, furthermore, to show that Netfilter can function properly in this hardware environment. The choice of Red Hat as the Linux distribution mostly is motivated by its relative ease of installation as compared to other distributions, such as Debian, Gentoo or Linux From Scratch. These others certainly work, and Gentoo was tested as such. This article merely serves as a proof of concept. It is assumed the reader has some familiarity with Linux system administration.

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"6","type":"x","order":"1","pct":60,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":30,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":10,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.