M0n0wall is an all-in-one network firewall package that includes many of the features found in commercial firewalls, including stateful packet filtering, NAT/PAT, DHCP, PPTP VPN, SNMP and IPSec.
Originally intended to be used as an embedded software firewall on inexpensive devices, M0n0wall is both very compact, requiring only 12MB of disk space, and fast. That initial design goal also makes M0n0wall a good candidate for running as a virtual appliance.
You can download the M0n0wall VM directly from the M0n0wall project site and instantly move it over to a virtual server. Setup and defining rules is relatively easy, thanks to a browser-based GUI that lays out all of the menus and choices in a clear and concise fashion. Anyone familiar with firewalls should have little trouble with M0n0wall.
M0n0wall is surprisingly full-featured and configurable, especially when you consider the price (free) and the small footprint. M0n0wall easily provides enough security controls and fine tuning abilities to make it suitable for branch offices and other small networks.