IBM to offer personal firewall

Guy Kewney, reporting from New York

For a mere $4,500, you too can have a firewall, even if you work from home on your own. IBM is launching a remote version of its IBM Firewall, which allows home workers to dial in via the Web to their office LAN.

It is also bundling an "auditor" program; that turns out to be a Satan clone, that is, a program that probes your firewall and security systems for holes, and breaks through where it can.

The firewall comes with several other options, not just standalone versions for remote users; prices drop hugely for the unlimited licence package. But the thing that IBM regards as the most important new feature is "a nice graphical user interface", according to Firewall product manager Roger Rea, formerly with Tivoli.

Version 2.2, says Rea, will be generally available June 27. There will be a Java-based graphical user interface for the administration console replacing the old menu-based interface. "The browser makes it prettier. Also it gives capability to do enterprise firewall management - from the central console, you can do general firewall configuration remotely, or set up configs and push down to firewalls."

The standalone Windows 95 product is bundled with the 16-user product at under $10,000. It's actually a "virtual private network" which is normally supplied as a tunnel from one firewall to another firewall. The PC VPN just leaves out the need for a local firewall; the PC has a direct interface to the TCP/IP stack down which it sends the encryption and authentication data.

There is no "virtual firewall" on the standalone PC, in fact - this is to prevent the danger of having a PC on one LAN dial into another LAN, giving access to all the other people on its home LAN. But the effect is that you are able to penetrate the firewall as if going through one on your own machine.