VyOS - Firewall Security Solutions/Service Company
enterprisenetworkingmag

VyOS: Democratizing Network Access with Open Source Software

Follow VyOS on :

In the last two years, the COVID-19 pandemic had inhibited the business landscape at every turn, especially when it brought down the walls of the proverbial fortress of private corporate networks. Before the pandemic, the entire network including the devices in it was confined within the secure firewalls and safeguards of the workplace, but the reality is quite different now.

Today, the workforce is dispersed across broad geographies and working on their not-so-secure personal devices. So, the once rigid walls of the corporate private network have gotten blurrier, and with that, their existing routing and firewalling capabilities are no longer sufficient to regulate the traffic coming in from different locations.

At this juncture, the organizations need more versatile routing and firewalling that can adapt to the evolving network utilization requirements of the workforce without proprietary software restrictions or prohibitive costs. Fortunately, these are the exact capabilities that VyOS is bringing to the table with its dynamic open source network operating system (NOS). The open source platform underlying the NOS is flexible enough to facilitate seamless access to the employees dispersed across broad geographies and, at the same time, help organizations retain the high level of security and threat-blocking capability they had within their secure workplaces.

While empowering countless organizations in upgrading their network routing and firewalling capabilities to counter the pandemic’s challenges, VyOS is still staying true to its roots of freeing organizations from the limitations of proprietary software vendors. “The story behind the inception of VyOS goes back to 2006 when a group of thought leaders decided to create an independent open source network operating system named Vyatta,” says Yuriy Andamasov, CEO of VyOS. An alternative to proprietary, extremely expensive, and hardware-coupled NOS sold by big tech companies, Vyatta could be used in any third party hardware. However, without sufficient financial backing, Vyatta was acquired by a different company, which discontinued the free software and closed the source code. Interestingly, a group of enthusiasts still decided to keep the dream alive by re-engineering the last open source version of Vyatta into VyOS to democratize network operating systems.

Going Beyond the Boundaries of Hardware

Today, the versatility of the VyOS platform is allowing users to break free from the shackles of specific hardware. The users can host the platform on a diverse range of networking hardware, from small office routers to large enterprise servers. Even if the clients don’t wish to spend on new hardware, they can integrate VyOS with their existing hardware a capability that is far-fetched with proprietary vendors.
VyOS is even gaining popularity for routing and firewalling functions in virtual machines and the cloud, especially among organizations shifting to cloud based networking with the likes of AWS and Azure. It does not matter if the corporate network servers are located in the office, in a data center, or on the cloud; VyOS can be used to establish secure access to and between them without hassle.

In fact, VyOS can be hosted on bare metal servers (e.g. Dell EMC, Edgecore) and virtualized servers (e.g. Hyper-V, Nutanix) as well. Whether it is an x86 server or a different architecture, the clients can deploy VyOS on demand and convert it to match the capabilities of any expensive router on the market. These robust but flexible capabilities make VyOS even more coveted during uncertainties, like the ongoing pandemic.

Under the Hood of Excellence

The superior customization features offered by VyOS are backed by its uniquely layered architecture, which leverages a robust configuration management framework. This framework incorporates libraries for loading files, performing changes, and reading values from running configurations. These flexible capabilities of the code make it easy for clients to integrate new applications into the system whenever needed, including the customization of firewalls, VPN, and routing protocols.

Since the Open Source Code is Freely Available on the Internet, the Users Themselves Can Verify the Code and Ensure that there are no Vulnerabilities that Threat Actors can Exploit

VyOS’s architecture also features a powerful zone based firewall (ZBF), which is especially useful for complex networks with virtual LANs belonging to different zones, groups, or tenants. In such cases, the network administrators can leverage the ZBF capability to combine network interfaces into multiple zones and apply catch-all firewalling for inter-zone traffic. The ZBF policy, interestingly, allows the administrators to combine several network interfaces into singular zones, thus averting repetitive and messy rulesets of the regular per-interface firewall. Moreover, with ZBF, inter-zone traffic is blocked by default, and administrators create rulesets only when they explicitly want to enable traffic between zones.

Ramping Up Transparency through Open Source Code
Besides the superior customization capabilities, clients can also expect unmatched levels of transparency in the open source code of VyOS’s platform. While there are growing concerns about backdoors in network devices, with VyOS users can verify that there arent any. VyOS’s open source code leaves no stone unturned when it comes to employing security. “In fact, since the open source code is available on the internet, the users can verify the code and ensure that there are no vulnerabilities that threat actors can exploit,” assures Daniil Baturin, co-founder and CTO of VyOS.

Meeting the Evolving Networking Requirements

Driven by these competencies, VyOS is empowering countless businesses today to push the boundaries of what they can get from an open source network operating system. Andamasov particularly sheds light on a recent instance when a networking solution provider for the railway agency faced a problem with their existing software. What they needed was a robust NOS that would allow them to accurately configure the engaging and disengaging of train carriages through the railway agency’s network. However, since they already had perfectly working custom hardware, the client wanted a new NOS that could be hosted on the existing hardware. Fortunately, VyOS’s platform perfectly fit the bill. The client installed the new NOS, and as expected, VyOS enabled the client to get their exact configuration up and running in no time while also reestablishing precise remote carriage engagement and disengagement functions.
  • Our Aim is to make Our Open Source Nos as good as-if Not Better than-the Best Proprietary Networking Software in the Market


Moving ahead, VyOS seeks to introduce the benefits of its open source platform to a broader user base across the world. With interested partners already coming forward, VyOS is all set to extend integration into a new range of hardware. VyOS is also working on a Kubernetes integration, which will further ramp up the capabilities of its network operating system. The new version will also leverage the new Linux firewall, which will further bolster the network access security. Combined with its upcoming centralized management functionalities, the next version of VyOS software is certain to propel the company’s clients to the forefront of network operating technology. “Ultimately, our aim is to make our open source NOS as good as if not better than the best proprietary networking software in the market,” concludes Andamasov.
Share this Article:
Top 10 Firewall Solutions Companies - 2022
VyOS

Company
VyOS

Headquarters
Poway, CA

Management
Yuriy Andamasov, CEO and Daniil Baturin, Co-Founder and CTO

Description
VyOS offers an open source network operating system that can be installed on physical hardware or a virtual machine on your own server, or a cloud platform. It is based on GNU/Linux and joins multiple applications such as Quagga, ISC DHCPD, OpenVPN, StrongS/WAN and others under a single management interface. VyOS uses a layered architecture. All components such as firewall, VPN and routing protocols are built on top of a configuration management framework that includes a custom shell environment, libraries for loading the config files and committing config changes, and libraries for reading values from the running config.