CZ.NIC, the association managing the internet country code top-level domain for the Czech Republic, is now selling a plug-and-play firewall device built using open source software and hardware. The association, founded in 1998, works with the country’s interior ministry to coordinate Czech efforts on internet and computer security.
Earlier this month, CZ.NIC announced its firewall appliance, known as the ‘Turris Shield’. The devices will be kept up-to-date automatically, and will exchange information about attacks, explains CZ.NIC: “An attack on a Turris device in, say, Australia is instantly detected on all Turris devices all over the world.”
The firewall device includes a VPN server and client applications. This can help users protect their privacy, but also allows them remote access to selected devices in their home networks.
The TurrisOS software is based on the Linux distribution OpenWRT.
Almost entirely open source
CZ.NIC is making all of the software it created for the firewall device available as open source. It also publishes the schematics for all of its products, Michal Hrušecký, leading the development team for this and the other Turris appliances, told the Commission’s Open Source Observatory in an interview: “We are trying to be as open as possible, though there are some limits.”
The devices is built on ARM cores from Marvell, he explains. “We don't have the design of those CPUs. But we make sure that all our kernel and seems to be the same URL twice] U-Boot patches are sent upstream, and that our devices work nicely with the default kernels.”
According to Hrušecký, the complete hardware documentation, including the design of the printed circuit boards, will be available when CZ.NIC stops producing the appliance – “like we did for [its predecessor, the] Turris 1.X,” he explains. The hardware designs are currently prepared using proprietary software, but can be exported to KiCad, an open source alternative. “So it’s more a philosophical rather than a practical problem,” Hrušecký notes.
The Turris Shield device is priced at EUR 99.