Book Image

Configuring IPCop Firewalls: Closing Borders with Open Source

Book Image

Configuring IPCop Firewalls: Closing Borders with Open Source

Overview of this book

IPCop is a powerful, open source, Linux based firewall distribution for primarily Small Office Or Home (SOHO) networks, although it can be used in larger networks. It provides most of the features that you would expect a modern firewall to have, and what is most important is that it sets this all up for you in a highly automated and simplified way. This book is an easy introduction to this popular application. After introducing and explaining the foundations of firewalling and networking and why they're important, the book moves on to cover using IPCop, from installing it, through configuring it, to more advanced features, such as configuring IPCop to work as an IDS, VPN and using it for bandwidth management. While providing necessary theoretical background, the book takes a practical approach, presenting sample configurations for home users, small businesses, and large businesses. The book contains plenty of illustrative examples.
Table of Contents (16 chapters)
Configuring IPCop Firewalls
Credits
About the Authors
About the Reviewers
Preface
7
Virtual Private Networks
11
IPCop Support

Chapter 3. Deploying IPCop and Designing a Network

Now that we understand what IPCop is capable of as a firewall unconnected to any other system, we need to start considering how it does connect to them, and what are the implications for us. As you must now be realizing, the scope for deploying IPCop is quite varied, and especially in conjunction with a knowledge of Linux and the flexibility of open-source software, the number of possible permutations of even one IPCop box are fairly limitless! That said, there is a core of functionality used by the majority of networks, and among all of those permutations, there are a few core network layouts that will probably be common among the majority of IPCop deployments.

What we will try to do here, therefore, is outline a few common methods of deploying IPCop and the motivation behind these topologies, depending on which IPCop components we want to deploy.

Trust Relationships between the Interfaces

As we now understand, the four types of network interface...