Difference between revisions of "Comparison"

From securityrouter.org, an OpenBSD-based firewall
Jump to: navigation, search
m
Line 1: Line 1:
 +
This is a '''biased''' comparison page, that highlights the strengths of the ''security router''. We don't revise this page very often, and the information might be out of date. Please contact us, if you find any errors.
 +
 
{| class="wikitable"
 
{| class="wikitable"
! !! Halon 3.2 !! pfSense 2.0.1  !! m0n0wall 1.33 !! Vyatta 6.4 !! Mikrotik 5.20 !! Smoothwall 3.0sp3
+
! !! Halon 3.2 !! pfSense 2.1  !! m0n0wall 1.33 !! Vyatta 6.4 !! Mikrotik 5.20 !! Smoothwall 3.0sp3
 
|-  
 
|-  
| Platform || OpenBSD 5.4/current || FreeBSD 8.1 || FreeBSD 6.4 || Linux 3.0.23 || Linux 2.6 || Linux 2.6
+
| Revised || Sep 2013 || Dec 2013 || Sep 2012 || Sep 2012 || Sep 2012 || Nov 2012
 +
|-
 +
| Platform || OpenBSD 5.4/current || FreeBSD 8.3 || FreeBSD 6.4 || Linux 3.0.23 || Linux 2.6 || Linux 2.6
 
|-
 
|-
| Firewall || PF (2013) || PF (2007)  || ipfilter  || iptables || iptables || iptables
+
| Firewall || PF (2013) || PF (~2007 + patches)  || ipfilter  || iptables || iptables || iptables
 
|-
 
|-
 
| Architecture || Intel 32/64-bit || Intel 32/64-bit  || Intel 32-bit  || Intel 32-bit || Intel 32-bit || Intel 32/64-bit
 
| Architecture || Intel 32/64-bit || Intel 32/64-bit  || Intel 32-bit  || Intel 32-bit || Intel 32-bit || Intel 32/64-bit
Line 40: Line 44:
 
| MPLS || Yes (PE/VPN) || No || No  || No || Yes || No
 
| MPLS || Yes (PE/VPN) || No || No  || No || Yes || No
 
|-
 
|-
| Built-in OSPF/BGP || Yes (OpenBGP/OSPFD) || No || No  || Yes (Quagga) || Yes || No
+
| Built-in OSPF/BGP || Yes (OpenBGP/OSPFD) || Package || No  || Yes (Quagga) || Yes || No
 
|-
 
|-
 
| BGP TCP-MD5 || Yes || No || No  || Yes || Yes || No
 
| BGP TCP-MD5 || Yes || No || No  || Yes || Yes || No
Line 51: Line 55:
 
|-
 
|-
 
! Others !! !! !! !! !! !!  
 
! Others !! !! !! !! !! !!  
 +
|-
 +
| SIP proxy || Yes || No || No  || Yes || Yes || Yes
 
|-
 
|-
 
| Layer 7 load balancing || [[Load balancing|Yes]] || No || No  || No || ? || No
 
| Layer 7 load balancing || [[Load balancing|Yes]] || No || No  || No || ? || No
 
|}
 
|}

Revision as of 08:05, 3 December 2013

This is a biased comparison page, that highlights the strengths of the security router. We don't revise this page very often, and the information might be out of date. Please contact us, if you find any errors.

Halon 3.2 pfSense 2.1 m0n0wall 1.33  Vyatta 6.4 Mikrotik 5.20 Smoothwall 3.0sp3
Revised Sep 2013 Dec 2013 Sep 2012 Sep 2012 Sep 2012 Nov 2012
Platform OpenBSD 5.4/current FreeBSD 8.3 FreeBSD 6.4 Linux 3.0.23 Linux 2.6 Linux 2.6
Firewall PF (2013) PF (~2007 + patches) ipfilter iptables iptables iptables
Architecture Intel 32/64-bit Intel 32/64-bit Intel 32-bit Intel 32-bit Intel 32-bit Intel 32/64-bit
Management
Config format Clear-text XML XML Clear-text Semi-clear-text Binary (floppy)
Restore/rollback without reboot Yes No No No No No
Test/confirm without reboot Yes No No No No No
Revision-managed config Yes (Subversion) Yes (files) No Yes (file rotation) No No
Commit multiple changes Yes No No Yes No No
CLI config editor Yes No No Yes Yes No
API SOAP No No REST Custom No
VPN server
L2TP Yes Yes No Yes Yes No
PPTP NAT passthrough Yes No No Yes (iptables) Yes (iptables) No
DNS suffix in PPTP/L2TP Yes No No No No No
Client routes in PPTP/L2TP Yes No No No No No
Filter-ID for RADIUS Yes No No No Yes No
Routing
MPLS Yes (PE/VPN) No No No Yes No
Built-in OSPF/BGP Yes (OpenBGP/OSPFD) Package No Yes (Quagga) Yes No
BGP TCP-MD5 Yes No No Yes Yes No
IPv6
Firewall rules Dual-stack Rule duplication Rule duplication Rule duplication Rule duplication No
Layer-3 translation (eg. NAT64) Yes No No No No No
Others
SIP proxy Yes No No Yes Yes Yes
Layer 7 load balancing Yes No No No ? No