Select your language

Home arrow-right ... arrow-right Security and Privacy Software arrow-right Advanced Policy Firewall

We've compiled a list of 9 free and paid alternatives to Advanced Policy Firewall. The primary competitors include iptablesbuild, Firelet. In addition to these, users also draw comparisons between Advanced Policy Firewall and Shorewall, ferm, Dome9 Ubuntu Firewall Management. Also you can look at other similar options here: Security and Privacy Software.


iptablesbuild
Free Open Source

iptablesbuild is effectively a configuration manager for iptables.

Firelet
Free Open Source

Firelet is a centralized firewall management tool for small and medium scale environments.

Shorewall
Free Open Source

The Shoreline Firewall, more commonly known as “Shorewall”, is high-level tool for configuring...

ferm
Free Open Source

ferm is a tool to maintain complex firewalls, without having the trouble to rewrite the complex...

Firewall Builder
Free Open Source

Firewall Builder is Open Source multi-platform firewall management software that supports Linux...

CacheGuard OS is an Appliance oriented Operating System dedicated to Web traffic Security and...

A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for...

HeatShield is a network firewall management service and SSH brute force blocker for Linux servers.

Server-based firewall.

Advanced Policy Firewall Platforms

tick-square Linux

Advanced Policy Firewall Overview

Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today’s Linux servers. The configuration is designed to be very informative and easy to follow. The management on a day-to-day basis is conducted from the command line with the ‘apf’ command, which includes detailed usage information on all the features.
The technical side of APF is such that it utilizes the latest stable features from the iptables (netfilter) project to provide a very robust and powerful firewall. The filtering performed by APF is three fold:
1) Static rule based policies (not to be confused with a “static firewall”)
2) Connection based stateful policies
3) Sanity based policies
The first, static rule based policies, is the most traditional method of firewalling. This is when the firewall has an unchanging set of instructions (rules) on how traffic should be handled in certain conditions. An example of a static rule based policy would be when you allow/deny an address access to the server with the trust system or open a new port with conf.apf. So the short of it is rules that infrequently or never change while the firewall is running.
The second, connection based stateful policies, is a means to distinguish legitimate packets for different types of connections. Only packets matching a known connection will be allowed by the firewall; others will be rejected. An example of this would be FTP data transfers, in an older era of firewalling you would have to define a complex set of static policies to allow FTA data transfers to flow without a problem. That is not so with stateful policies, the firewall can see that an address has established a connection to port 21 then “relate” that address to the data transfer portion of the connection and dynamically alter the firewall to allow the traffic.
... and much much more. See site for further details.

Advanced Policy Firewall Features

tick-square Command line/bash

Top Advanced Policy Firewall Alternatives

Share your opinion about the software, leave a review and help make it even better!

Advanced Policy Firewall Categories

Security and Privacy Software

Advanced Policy Firewall Tags

mod-security layer-7-firewall application-firewall netfilter iptables firewall

Suggest Changes

Your Feedback

Select a rating
Please select a rating

Your vote has been counted.

Do you have experience using this software?