Open source tools for e-mail, network and general perimeter protection

This is a fairly broad topic. Firstly let's start at the perimeter. Firewalls are usually the recommended choke points on most networks that mark the boundaries between your network and another, usually untrusted, network such as the Internet. These firewalls can range from enterprise-grade devices like Cisco PIXs and Nokia appliances running applications like Checkpoint Firewall-1 to the Linux and BSD space where a number of tools exist that can turn an older PC into a highly capable router/firewall. In this lower end of the market there are tools like Smoothwall and IPCop which run on Linux and m0n0wall which runs on FreeBSD.

Also useful to protect your perimeter is an IDS or Intrusion Detection System. The obvious choice here in the Open Source world is the Snort IDS. Snort is powerful and compares very favorably with most commercial offerings in this space. It is also capable of running on older and cheap hardware –- again saving you money on the need to purchase expensive sensors or probes and the associated software.

Moving further into our network we may have an e-mail system. Choosing an appropriate e-mail system can be tricky and controversial. A lot of Usenet posts and mailing lists get clogged when the debate about which e-mail system is best starts. Personally I am a fan of Postfix, which I have found easy to install, manage and secure. Other people swear by products such as Qmail or Exim and still others believe the venerable Sendmail package still has significant legs.

Added onto your e-mail system you will need to further secure this with anti-virus and anti-spam technology. Some of the open source products here include ClamAV for anti-virus and tools such as SpamAssassin, DSPAM and Bogofilter for anti-spam.

Hope this helps!