John Saylor [[EMAIL PROTECTED]] quoth:
*>
*>Sounds good. Just to make sure I understand, I think you said that this
*>is better than your OBSD firewall because it's easier to configure and
*>maintain? Is that correct or is there something else [or somethings
*>else]?
I don't know that I would say it's 'better' but it replaces the firewall
and the hub with one nice, small and easily configurable little box. Also,
it allows for a single 'DMZ' host where my OBSD box can now go which is
cool as I can use it for things like a web server and email where I
wouldn't have considered doing that when it was the bastion host.
*>I recall you mentioning how it's not as configurable, but that that was
*>a feature not a bug. I would guess this has somthing to do with lowering
*>the complexity of your setup. Again, am I right or did I misunderstand?
Well, it's not as configureable as some of the more high-end Cisco and
Netopia products that are far more expensive. However, for a small
home LAN that doesn't want a lot of special services to boxes other than
the DMZ it's really not an issue.
And OBSD is really pretty simple to set up, but this is a nice little box
that takes 10 minutes from pulling it out of the box, clicking a few
buttons and plugging it into the network. I don't know about you, but I
generally don't recommend Unix firewalls for the uninitiated. :) Besides,
even for a techie, sometimes picking the solution that saves time is the
most economical as time is a scarce commodity these days.
*>How secure would you say it is?
I haven't found any publicly known hacks for it, the configuration is
allowed only on the LAN port and seems so far to be very vigilant. There
is a switch where you can block or allow all WAN traffic which I believe
is block for the default, but if it weren't the security wouldn't be so
great obviously.
e.
