RSA 2011: Qualys announces open source firewall project

Ivan Ristic, the cloud security specialist's director of engineering, said the aim of the project is to create an industry initiative that will create a portable and highly modular firewall for today's IT security environment.

Talking about Snort, the open source intrusion protection software project started in the late 1980s by Martin Roesch - now CTO of Sourcefire - Qualys' Ristic said that one thing Snort did not get quite right was the issue of governance.

"People would not commit to an entirely open source project application like Snort. This is why we are leading an industry initiative for a next generational firewall application", he explained.

Project IronBee, he told Infosecurity, is based on the Apache software licence model, and will be coded - in its first iteration, at least - as a complete firewall environment, but without a graphical front end.

The gameplan is that third party vendors who adopt the open source firewall will develop their own front end to the software, and Qualys will not be seeking an open source licence controls over the resultant code.

Akamai, he went on to say, is supporting Qualys on this week's launch of Project IronBee, and, he adds, other vendors are welcome to join in the initiative.

"We want the community to join in this development project. The features of the firewall are not set in stone, but as the code develops, we hope to have first version available for use by third party vendors in Q3 or Q4 of this year", he said.

Interestingly, Qualys is describing Project IronBee as a Web Application Firewall (WAF) platform, rather than a simple firewall.

The team leading the open source project are the same people who developed ModSecurity, an open source WAF designed to interface with the Apache HTTP Server platform.

Hosted at the website, Qualys says the project is open to all parties interested in joining the development effort.

Philippe Courtot, Qualys' CEO, said that, owing to the proliferation of cloud computing and web applications, it is quite obvious that no single company alone can fight the sophistication of attacks we are now facing.

"We are now enthused to introduce IronBee as an open source project so we can leverage the collective intelligence of the community to develop a cloud-based WAF with a diverse rule set that can help protect us all against cyber-attacks", he said.

What’s Hot on Infosecurity Magazine?