Pro's for Hardware FW's (apart from which vendor):
- more scalable
- more throughput
- faster then most software solutions
- no OS which can have holes / bugs
Con's for Hardware FW's
- expensive
I would suggest to go for what you suite best.
If you like BSD, go for BSD.
If you don't have a very fast (internet) connection you
want to firewall and you don't really need a redundant
firewall solution (as far as I know ipfw or IPF can't be
scaled to more nodes in 1 cluster) then I would suggest
to stay with freebsd.
The security of bsd systems is good and they are stable.
ipfw or IPF are known as pretty secure firewall packages.
And most of all... it's FREE !!!
I personally don't see a big advantage in using hardware
based firewalls apart from the performance issue.
People say that an software based one has more administration
on it's hands (hardening and keeping it up to date with patches
and such). I see this as a challenge I always like to make.
But this is my personal opinion about hardware & software
firewalls which some persons probably don't agree with me.
Greets,
Brenno
> -----Original Message-----
> From: Rob [SMTP:[EMAIL PROTECTED]]
> Sent: woensdag 2 mei 2001 12:11
> To: GNAC
> Subject: Software versus Hardware Firewalls
>
> Hi,
>
> I regularly administer some FreeBSD servers, and more recently (as
> specified
> in another email) I will be required to implement several firewalls.
>
> From what I 'hear' everyone seems to go the hardware based firewall route
> -
> with Cisco having the most well respected name (at least for marketing
> purposes).
>
> I like BSD, I have been very impressed with the stability and security of
> the system. We don't generally see NT boxes on our network with >100 days
> uptime, but this seems to be quite common with BSD. I would be interested
> in
> looking into using FreeBSD with IPFW for our firewalls - but I am
> interested
> in your opinions.
>
> What are the advantages of using IPFW over say Cisco's products? What are
> the disadvantages?
>
> What experiences have you had of using either?
>
> Are there any comparisons on the net?
>
> Many Thanks
> -Rob
>
> --------------------------------
> http://www.robhulme.com
> http://www.christianunion.org.uk
>
> "...and scantily clad females, of course. Who cares if it's below zero
> outside." -- Linus Torvalds
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
