Mike,
Where would something such as a Cisco PIX fall in your equation? Is it
hardware or software?
Jason
----- Original Message -----
From: "Mikael Olsson" <[EMAIL PROTECTED]>
To: "lee" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, July 05, 2000 3:44 AM
Subject: "hardware" and "software" firewall rant Was: Re: Comparison!!
>
> lee wrote:
> > Is there anyone who could give me a comparison between the hardware
firewall and software
> > Firewall(such as Checkpoint)?
>
> <rant mode on>
>
> Hmm let's see now.
>
> - Purchase "Firewall-1" and you get a "software" firewall
> that you get to install on your own hardware.
>
> - Purchase a unit in the Nokia IP series and you get
> a "hardware" firewall that you "plug and play".
> But, SURPRISE! It's running Firewall-1!
> The only real difference is that the software is
> pre-installed in the unit!
>
>
> That should pretty much tell you the difference between
> "hardware" and "software" firewalls. Nearly ALL "hardware"
> firewalls are pre-packaged "software" firewalls.
>
> Apparently there are one or two "real" hardware firewalls
> out there, one comes to mind that claims to run on custom
> designed ASICs.
> I don't really see the benefit of running on ASICs other
> than speed however, since upgrading, by definition, would
> mean that you have to send the box away to be replaced, neh?
>
> If someone claims to sell a "hardware" firewall, but lets
> you upgrade it "at home", it's just a pre-packaged "software"
> firewall.
>
>
> Anyway, generally speaking:
>
> "software" firewall benefits:
> - You get to pick your own hardware based on what you need
> - You can easily upgrade your own hardware if you need
> more RAM, faster CPU, more NICs, etc etc.
>
> "software" firewall drawbacks:
> - Usually take a while to install, if based on a large clunky OS
> rather than being self-contained. (In the latter case, they're
> usually really fast to install, next to no difference from
> a "hardware" firewall)
>
>
> "hardware" firewall benefits:
>
> - Faster to install since the software is pre-installed
> (unless you're buying a firewall for real security as opposed
> to "the feeling of security", in which case the time of
> redesigning your network and implementing a real policy would
> far outweigh the time the actual installation takes)
>
> - You can mostly count on the hardware to be compatible
> with the software. Usually. :-)
>
> "hardware" firewall drawbacks:
>
> - If the hardware breaks, you can't replace it yourself
> with your own spare computers. Call for a repairman or
> send the box in to be replaced. Support contracts may
> help here, i.e. "new box within 24 hrs guaranteed".
>
> - Usually, you can't upgrade the hardware yourself.
> A few vendors let you plug in your own NICs however.
>
> <rant mode off>
>
> I hope this serves to clear up a few misconceptions :-)
>
> /Mike
>
>
> --
> Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 �RNSK�LDSVIK
> Phone: +46 (0)660 29 92 00 Direct: +46 (0)660 29 92 05
> Mobile: +46 (0)70 66 77 636 Fax: +46 (0)660 122 50
> WWW: http://www.enternet.se/ E-mail: [EMAIL PROTECTED]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
