On Thu, 2004-05-27 at 11:57 +0800, Eric Noel wrote: > Can anyone share configuration/setup procedures for implementing debian > as a pix/firewall replacement for production? or has anybody secured > debian to be their production firewall in protecting their financial > data centric network (e.g banks, stock traders, etc)? Is it recommended, > or we should just use pix/fw1 for that.
I've done that in QC City Hall, but it wasn't really a PIX replacement - the debian firewall I made there was replaced by PIX of a Cisco 6509 :D That time I implemented the debian machine as a firewall, there was no Cisco 6509 there at City Hall :D If you've got PIX already - use it. If not, then going for a PC firewall does save some budget. Pros and Cons: PC Router/Firewall: Pros: dirt cheap, easy to implement, easy to extend functionality Cons: moving parts, constant patching Appliance Router/Firewall: Pros: Less moving parts, easy to implement, less patching Cons: TONS MORE EXPENSIVE :D, not easy to extend functionality The ideas that you translate in PIX are also applicable in configuring PC routers - it's just that you'd need to translate them into ipchains/iptables for Linux, or ipfw/pf for the BSDs. -- Paolo Alexis Falcone [EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
-- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
