5 Open Source Network Security Tools SMBs Should Consider

You might think that because your business is small you aren’t an attractive target for hackers.

But you would be wrong.

According to the National Cyber Security Alliance (NCSA), 82 percent of small business owners believe that they are not a target for cyberattacks, but 43 percent of last year’s cyberattacks targeted SMBs. And a single attack can cost SMBs up to $99,000.

Cyberattacks of all kinds are on the rise with data breaches increasing 15 percent over the past year, NCSA says. And ransomware, attacks that freeze up organizations’ systems until they pay a ransom, has become particularly prevalent; in just the first three months of 2016, U.S. ransomware victims paid out $209 million to attackers, compared to $25 million for all of 2015.

Fortunately, there are plenty of steps SMBs can take to protect themselves, and those steps don’t have to be expensive or complicated.

For example, any SMB with more than one Internet-connected device should have a network security solution. In honor of National Cyber Security Awareness Month, here are five open source network security solutions that are suitable for use by small businesses that don’t have a large (or any) IT staff.

Endian Firewall

Endian offers both paid security products and a free, open source version called Endian Firewall Community.

The company recommends that businesses use its paid professional products, but the free version might be enough for very small businesses. It has been downloaded more than 1.7 million times, and it can be installed on nearly any x86 PC. In other words, if you have an old (or really old) PC sitting around your office, you can install Endian and use it as a unified threat management (UTM) appliance. It includes a firewall, email and Web filtering, anti-virus, a VPN solution for remote access, live network monitoring and reporting, alerts, an intrusion prevention system (IPS), quality of service (QoS) features and multi-WAN capabilities.

If you need a network security solution with support, Endian’s paid products are based on the open source technology in the community edition but add some more robust features and access to the helpdesk. The company also offers paying customers the option of buying a pre-configured appliance so you don’t have to supply the hardware.

Untangle NG Firewall

This next-generation firewall is designed to function a little like an app store — users can install just the functionality they need or they can opt to get the complete package with all the bells and whistles. Some of the apps are available for free while others require a fee. The free and open source apps include a firewall, intrusion prevention, phish blocker, lite version of the virus blocker, ad blocker, lite version of application control, lite version of the spam blocker, lite version of the Web filter, a captive portal, a VPN, and reporting. The paid version adds the full version of the lite tools, plus an SSL inspector, bandwidth control, WAN balancer, WAN failover, Web cache, IPsec VPN, directory connector, policy manager and support.

As with many of the other tools featured here, you can install Untangle on any PC that you connect to your network. If that seems like too much work or if you don’t have any old hardware sitting around your office, you can also buy a pre-made appliance that just plugs into your network. It can run as a router on your network or you can install it as a bridge behind your existing routers. No matter which option you choose, deployment is fairly easy if you have a moderate amount of technical know-how, and the company website includes a lot of training and education material to help with the process.


ClearOS

If your SMB needs server features in addition to security, ClearOS might be a good option for you. It’s a complete server operating system that includes features like intrusion detection, content filtering, a firewall, bandwidth management, a domain controller, a mail server, a print and file server, and much more. It has a modular architecture, meaning that you can install just the features that you need without slowing the system down with a bloated piece of software.

ClearOS comes in several different versions. The Community edition is free and open source. In order to run it, you’ll need to install the software on an existing PC. The company also offers paid Home and Business versions, as well as pre-built hardware it calls a ClearBOX. The Business version starts at just $9 per month, making it very affordable. The company is also planning to add a hosted version that runs in the cloud.

The company has an impressive list of users that includes Samsung, Toyota, Hilton, Xerox, the U.S. Army, MIT, Greenpeace and many others. And while these are all very large organizations, ClearOS is very suitable for small businesses that don’t have a large IT staff.

Koozali SME Server

Like ClearOS, Koozali SME Server bundles together security features with other server functionality that small businesses often need. It provides file and print sharing, email, a firewall, remote access, directory services, Web hosting, redundant storage and backup, and an easy-to-use Web interface. You can also add capabilities from its large library of add-ons.

One of Koozali SME Server’s biggest claims to fame is how easy it is to set up. The company boasts that most SMBs can get it installed and running in less than twenty minutes. In addition, it’s based on the well-known Red Hat and CentOS distributions of Linux — both mature operating systems that are very reliable. And although the server itself is based on Linux, you can use it to network together Windows and macOS desktops and laptops as well as Linux-based devices.

This software is completely free, and there is no paid version. If your organization would like professional support, you will need to contact one of the third-party companies listed on the website.

Security Onion

The best network security tools have multiple layers of protection — and that’s exactly what you’ll find in Security Onion. This option is less full-featured than the other applications featured in this article, but it is a very good tool if you just need network monitoring. It combines many of the most popular open source security tools for intrusion detection, network security monitoring and log management into one easy-to-use package that is fairly easy for small businesses to set up and use (although you will need some basic understanding of security principles to get the most out of it).

For example, it offers two choices for a rule-driven network intrusion detection system (NIDS): Snort or Suricata. Both of these tools have databases of known malicious traffic, and they search your networks looking for matches. But because not all malicious traffic has already been identified, Security Onion also includes an analysis-driven NIDS called Bro. This tool monitors all the activity on your network looking for anything that seems suspicious.
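To make the difference between the two approaches concrete, here is a simplified illustration added to this article; it is not code from Security Onion, Snort, Suricata or Bro. The traffic records, the rule name and the thresholds are all constructed for the example: one host trips a known pattern, while another sends nothing recognizable but behaves oddly.

```python
from collections import defaultdict

# Constructed sample records: (time in seconds, source, destination port, payload).
EVENTS = [
    (0, "10.0.0.5", 80, b"GET /index.html HTTP/1.1"),
    (1, "10.0.0.7", 80, b"GET /../../etc/passwd HTTP/1.1"),
]
# One host touching 12 different ports in 12 seconds, with no payload at all.
EVENTS += [(2 + i, "10.0.0.9", port, b"") for i, port in enumerate(range(20, 32))]

# Hypothetical signature set: rule name -> byte pattern already known to be bad.
SIGNATURES = {"path-traversal": b"../../etc/passwd"}


def signature_alerts(events):
    """Rule-driven check: alert only when a payload contains a known pattern."""
    return [(src, name)
            for _, src, _, payload in events
            for name, pattern in SIGNATURES.items()
            if pattern in payload]


def behavior_alerts(events, max_ports=10, window=60):
    """Analysis-driven check: alert on a source that reaches more than
    max_ports distinct ports inside any window-second span."""
    by_src = defaultdict(list)
    for ts, src, port, _ in events:
        by_src[src].append((ts, port))
    flagged = set()
    for src, hits in by_src.items():
        hits.sort()
        for end_ts, _ in hits:
            recent = {p for ts, p in hits if end_ts - window < ts <= end_ts}
            if len(recent) > max_ports:
                flagged.add(src)
                break
    return sorted(flagged)


if __name__ == "__main__":
    print("signature:", signature_alerts(EVENTS))
    print("behavior: ", behavior_alerts(EVENTS))
```

The signature check catches only the request that matches its database, while the behavior check catches the host probing many ports even though none of its traffic matches a rule.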

In addition, Security Onion includes a host-based intrusion detection system (HIDS) called OSSEC, a packet capture utility called netsniff-ng, and several analysis tools, including Sguil, Squert, and ELSA. All of these tools together can give administrators a really good idea of what is happening on their networks.

Training and other professional services are available through Security Onion Solutions.

Cynthia Harvey is a freelance writer and editor based in the metro Detroit area. She has been covering the technology industry for more than 15 years.

Image source: Untangle.com
