The SuSE Linux Firewall on CD is an application-level gateway that
comes on 2 CDs, but rather than being installed on a server or as a
hardware device like many firewalls, is instead run directly from write-
protected CDs and floppy disks. The operating system boots from a CD-
ROM containing the firewall application and the OS, and because files
on a standard CD cannot be changed, the firewall is more secure,
according to Holger Dyroff, the director of sales and marketing with
SuSE Linux Inc. In fact, the system running the firewall wouldn't even
need to have a hard drive, he said.
The version of the Linux OS that boots off the CD is stripped down,
including only the necessary service for running the firewall, Dyroff
said. The more services running, the more potential there is for
security compromises, he said.
The firewall configuration files are stored on a write-protected floppy
disk. Because both the firewall application and its configuration files
are kept on write-protected media, a break-in cannot advance far as no
files can be written, Dyroff said.
Such an application is ideal for enterprises with remote locations, he
said. IT managers at the main office can configure the firewall the way
they want, send the CD and configuration disk to the location knowing
that it cannot be changed, and be confident that the firewall will be
used they way they want.
An administration tool, called the Firewall Administration System, is
included on the second CD and allows for fast and easy firewall
configuration and management, SuSE said in a release.
The package also includes an HTTP (Hypertext Transfer Protocol -- the
protocol used to send Web pages) content filter that can be used to
filter undesirable Web pages, the company said.
The software, which also comes with a manual and 30 days of
installation support, is available for US$649 and will be shipping
through SuSE's normal distribution channels in about a week.
SuSE, in Nuremberg, Germany, can be reached at +49-911-740-5331 or at