Check Point Software Technologies has the largest market share of any firewall vendor with their Firewall-1 (FW-1) product, and Nokia manufactures several hardware appliances together with an operating system called IPSO to run FW-1. IPSO is based on FreeBSD, provides advanced . . .
Check Point Software Technologies has the largest market share of any firewall vendor with their Firewall-1 (FW-1) product, and Nokia manufactures several hardware appliances together with an operating system called IPSO to run FW-1. IPSO is based on FreeBSD, provides advanced routing and failover capabilities and is extremely stable, with uptimes regularly running in the multiple hundreds of days. Nokia and Check Point together provide as close to a de facto standard for enterprise firewalls as possible in a field with such a diversity of security vendors. Of course, all of this comes at a price; Check Point makes a lot of money on both licensing fees and support contracts for Firewall-1. Then, as time marches on, Check Point stops supporting older versions of FW-1. This by itself does not force companies to upgrade to newer versions of FW-1, at least not until a security vulnerability or other bug is discovered. Firewall-1 is not open-source software and, hence, cannot be patched without Check Point's (paid) assistance.

The purpose of this article is to illustrate a method for installing Red Hat Linux on a Nokia IP330 and, furthermore, to show that Netfilter can function properly in this hardware environment. The choice of Red Hat as the Linux distribution mostly is motivated by its relative ease of installation as compared to other distributions, such as Debian, Gentoo or Linux From Scratch. These others certainly work, and Gentoo was tested as such. This article merely serves as a proof of concept. It is assumed the reader has some familiarity with Linux system administration.

The link for this article located at LinuxJournal is no longer available.