On 20/09/2004, M Raju <[EMAIL PROTECTED]> wrote To [EMAIL PROTECTED]:
> Anyone running OpenBSD PF as the primary firewall for large mid-large
> orgranizations? If so what type of hardware, setup, etc. Just
> curious..
case 1: replace PIX by OpenBSD on a 1.1ghz el-cheapo-19" PC -->
doubled that NAT'd traffic thruput to a ~30mbit/s sustained
traffic http server
case 2: complete DMZ infrastructure for a private University; around
1000 Users behind a E3 line. Actually there's a Checkpoint in
this setup, too, tho there's an OpenBSD/pf gateway *in front*
of it :->
case 3: european-wide VPN (isakmpd) plus pf(4). branch locations use
cheap PCs, central office uses 2 Sun X1s. Total over 1200 Users.
System-updates in the branches are done by shipping preinstalled
HDDs.
In case 2 and 3 the cost-savings partly have been spent into training
on OpenBSD and the services needed.
ciao
--
pb@
