Nethserver to Next-Generation Firewalls


(Ya Ley) #1

Hi

When the Nethserver will be upgrade to Next-Generation Firewalls?

Regards,
Ya


(Joel Clendineng) #2

Can you be more specific? The question does not make any sense. A firewall can block/allow things, by definition, which is already included.


(Rob Bosch) #3

Please define “next-generation”. To me this is a buzz word without too much meaning.
Looking at what wikipedia says about NGFW (note the remark at the top of the article) NethServer already incorporates the functionality described in the article.

Can you point out what functionality you are missing?


(Michael Kicks) #4

For sure IPv6 support and L2TP are not available.
Some cypher protocols (Camelia, AES-CBC), integrity verifiers (SHA2, AES XCBC), pfs settings (elliptic curve cryptography and ECP) and even Ipsec features (including v2) are not on the menu.


(Filippo Carletti) #5

We follow upstream (redhat) for these.
Some enhancements will come with 7.4:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/new_features_security.html


(Ya Ley) #6

Just refer to