FirewallConfig: firewalld is a dynamically managed firewall daemon with support for network/firewall zones to define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings and for ethernet bridges and has a separation of runtime and persistent configuration options. It also provides a D-Bus interface for services or applications to add and apply firewall rules on-the-fly.
The mentioned packages and applications here are recommended to get provided on every fresh installed operating system for many security reasons as follows:
OpenNTPD: a Unix daemon implementing the Network Time Protocol to synchronize the local clock of a computer system with remote NTP servers. It is also able to act as an NTP server to NTP-compatible clients.
OpenSSH: a suite of secure networking utilities based on the Secure Shell protocol, which provides a secure channel over an unsecured network in a client–server architecture.
OpenSMTPD: a Unix daemon implementing the Simple Mail Transfer Protocol to deliver messages on a local machine or to relay them to other SMTP servers.
OpenDNSSEC: a complete DNSSEC zone signing system which is very easy to use with stability and security in mind. There are a lot of details in signing zone files with DNSSEC and OpenDNSSEC covers most of it.
OpenSSL: a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites.
OpenVPN: an open-source commercial software that implements virtual private network techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange.
OpenConnect: an open-source software application for connecting to virtual private networks, which implement secure point-to-point connections. It was originally written as an open-source replacement for Cisco's proprietary AnyConnect SSL VPN client, which is supported by several Cisco routers.
Stunnel: an open-source multi-platform application used to provide a universal TLS/SSL tunneling service. Stunnel can be used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively.
SCdaemon: GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC4880.
Installing the following extensions via package management:
network-manager-ssh
network management framework (SSH plugin core)
network-manager-pptp
network management framework (PPTP plugin core)
network-manager-l2tp
network management framework (L2TP plugin core)
network-manager-openvpn
network management framework (OpenVPN plugin core)
network-manager-openconnect
network management framework (OpenConnect plugin core)
network-manager-strongswan
network management framework (strongSwan plugin)
network-manager-vpnc
network management framework (VPNC plugin core)