Network security tools and solutions for firewalls, intrusion detection, network monitoring, segmentation, and secure access.
Browse 559 network security tools
A KDE Plasma 4 widget that displays real-time traffic information for active network connections on Linux computers.
PFQ v6.2 is a functional framework for Linux optimized for efficient packet capture/transmission and in-kernel processing.
6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.
A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices.
A controller addon that provides additional security defenses for onion services ahead of official Tor-core release.
An intrusion prevention system for SSH that blocks IP addresses after a set number of consecutive failed login attempts.
A wireless network detector, sniffer, and intrusion detection system.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
OpenSnitch is a GNU/Linux application firewall with interactive outbound connections filtering and system-wide domain blocking capabilities.
Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.
CrowdSec is a collaborative behavior detection engine that analyzes system logs to identify and block malicious activities using community-shared threat intelligence.
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
A package for capturing and analyzing network flow data and intraflow data.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane.
A tool for classifying packets into flows based on 4-tuple without additional processing.
An open-source network security monitoring tool.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
Open source framework for network traffic analysis with advanced features.
Express middleware for detecting and redirecting Tor or Surface users.
An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.
An open source DDoS protection system that uses distributed algorithms to defend against multi-vector attacks and scale to handle varying bandwidth requirements for network operators and service providers.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
559 tools across 11 specializations · 70 free, 489 commercial
Network Detection and Response
NDR platforms for real-time network threat detection, investigation, and automated response to network-based attacks.
Next-Gen Firewalls
Next-generation firewall (NGFW) solutions with advanced threat detection, application control, and deep packet inspection.
VPN
Virtual Private Network tools for secure, encrypted connections and privacy protection.
Common questions about Network Security tools, selection guides, pricing, and comparisons.
Traditional firewalls filter traffic based on ports, protocols, and IP addresses. Next-generation firewalls (NGFWs) add application awareness (identifying apps regardless of port), integrated intrusion prevention (IPS), SSL/TLS inspection, user identity awareness, and threat intelligence feeds. NGFWs can block specific application features while allowing the app itself.
NDR (Network Detection and Response) uses machine learning and behavioral analysis to detect threats in network traffic, including encrypted traffic analysis. Traditional IDS (Intrusion Detection Systems) rely primarily on signature matching against known attack patterns. NDR catches novel attacks and lateral movement that signature-based IDS would miss, and adds automated response capabilities.
Yes. Zero trust reduces reliance on network perimeter security, but network security tools remain essential for: detecting lateral movement, monitoring east-west traffic, protecting legacy systems that cannot support zero trust agents, DDoS mitigation, and providing visibility into encrypted traffic. Zero trust and network security are complementary, not replacements for each other.
Network Access Control
Network Access Control (NAC) solutions for controlling device access to networks, enforcing security policies, and managing network endpoints.