[CentOS-devel] CentOS Firewall and UTM SIG

Sat Mar 22 16:45:52 UTC 2014
Shafiee Roozbeh <roozbeh.shafiee at gmail.com>

OK, I'll explain it:

My goal is a Unified Threat Management (UTM) based on CentOS (Security
SIG). This SIG has an ISO installation media (i686/x86_64) with both web
and CLI interfaces, but the CLI interface is for common tasks. For the back-end we
will use Python and the Django web framework, and we need a light web server
like nginx; for the front-end we will use HTML5/CSS3/jQuery.

The features for this SIG will be:
- basic and advanced wizard for initial configuration
- HA and cluster feature
- SNMP for monitoring
- Management Network like Interfaces, Gateway, Static Route, DHCP, DNS,
ARP, NAT, NameServers, Hostname &...
- Accounting and Access users based on OpenLDAP integrated with Microsoft
Active Directory
- Access policies for each user
- IPS/IDS firewalling based on a mix of IPTables, Snorby, Snort, Suricata,
PulledPork and Pigsty
- VPN to access users based on OpenVPN, PPTP, IPSec, L2TP
- Filtering for Web/URL, Applications, IM and File Transfer
- Defence System such as antivirus and antispam
- Graphical Monitoring System for each part of system

Of course, these are only some of the features, and they can change or be added to in
the future, but these are what I have in mind right now.
For the set of packages there are too many options, and we can discuss it.

On Sat, Mar 22, 2014 at 7:44 PM, Manuel Wolfshant
<wolfy at nobugconsulting.ro> wrote:

> On 22 March 2014 16:46:26 EET, Shafiee Roozbeh <roozbeh.shafiee at gmail.com>
> wrote:
> >The goal is not a firewall rules generator like fwbuilder.
> >I mentioned this before.
> And you still did not offer a comprehensive explanation of the real goal
> which you wish to achieve.
> BTW, everybody here knows the OSI layers as well as their mapping to the
> real world. There is no need to teach us what iptables does and which
> layer(s) see(s) its actions.
> If you want real traction you should start with a set of scopes. For
> instance: a set of packages which on top of a CentOS installation would
> integrate
> - an antivirus module
> - an antispam module
> - a way to dynamically react to attacks and block them. Ideally this
> module should be able to interact with remote sensors and trigger remote
> actions (mind that on purpose I said "trigger remote actions" and not
> "influence remote firewalls" or even "create iptables rules")
> - a module to monitor the activity of all other installed and activated
> modules
> - a report module
> - a web-based command and control interface which can interact with all
> the other modules. It should be able to install, remove, enable, disable and
> configure all the other modules.
> So, can we move past "the goal is not" step and find out "what the
> complete goal is" ?

Roozbeh Shafiee
Linux/BSD System Administrator and Python Developer