The Gap IPCop Fills
There are a variety of different levels of firewall available. At one end of the spectrum, there are enterprise systems such as Check Point and ISA, which perform all kinds of powerful functions and can control the traffic for networks of vastly varying sizes and topologies. At the other end of the spectrum, we have personal firewalls running on host machines such as Agnitum, ZoneAlarm, and the built-in firewall in Windows XP Service Pack 2, which protect a single machine. There are also many home routers that provide basic firewall functionality. This leaves us with the question as to which of these roles IPCop is appropriate for, and whether it suits our needs.
IPCop is best suited, as we discussed earlier, to the SOHO network. If our network is relatively small with a single Internet connection, such as a home network or small business, or we have a couple of sites with separate internet connections that require linking together in a medium-sized business then we can certainly benefit from using IPCop to handle these connections. Another important aspect of IPCop is cost. Since IPCop itself is free of charge our only expenses for the firewall are the cost of the hardware (which is usually a low-specification machine) and the cost of administering the machine (which is relatively low due to the easy-to-use interface). For smaller networks this is highly attractive.
Systems such as ISA server and checkpoint are extremely expensive and require a great deal of background knowledge to configure and secure properly. Compare this to IPCop, which functions as a very well-secured router and firewall almost by default. Larger enterprise systems also have much higher system requirements and are usually overkill for smaller networks. The expense and time it takes to set these up is unlikely to provide a good return on investment for networks outside the larger enterprise. IPCop also benefits from simplicity that is not available when using a general purpose OS such as Windows or even a Linux distribution with all the unnecessary services they usually come with. IPCop has a specific role, so many services and other applications can be removed such that you are left with a specialized system.
At the other end of the spectrum, there are personal firewalls such as those provided by Agnitum, ZoneAlarm, et al. Commonly within SOHO offices Windows Internet Connection Sharing (or a cheap router) is used to fulfill the role frequently occupied by IPCop.
These firewalls generally provide basic features and don't allow us to create VPNs or to protect multiple machines from a single centralized device. When you consider the features such as the ability to create a DMZ, the Intrusion Detection System and the network services provided by IPCop you can see that simple host-based systems may not be adequate for us and something with the power of IPCop as well as its ease of use becomes a compelling option.
The most common use of IPCop, at the moment, is among people who have some firewall and Linux knowledge but don't want to spend time setting up a firewall from scratch. This is by no means the only use for IPCop. No real Linux or firewall experience is necessary and the purpose of this book is to walk through IPCop in an easy-to-follow way, which enables a user with the most basic computer knowledge to get up and running with a simple firewall to protect their network.