Well generally a hardware firewall appliance has a basic ruleset that makes it a good plug and play solution, thus the explosion of such appliances for different market segments (enterprise, soho, home, etc.). Almost always the rulesets don't need anymore optimizations on your part, unless you have really specialized needs. The best way to know if the appliance is doing what you want is to audit it, do some port tests, penetration tests, etc. These appliances also have updated firmware available for download that updates/reconfigures/adds new features to the product as time goes by.
It's a relatively painless solution and the technology has matured enough (firewalls don't need that much cpu power), although this is no different compared to an old box configured as a firewall. Jerome On Tue, 22 Mar 2005 09:56:45 +0800 (SGT), Kelsey Hartigan Go <[EMAIL PROTECTED]> wrote: > On Tue, 22 Mar 2005, Zak B. Elep wrote: > On the other hand it also means if you commit a mistake in the ruleset, > you get fried ... but how sure are you that the firewall appliance is > doing what you wanted...? > > -- > Kelsey Hartigan Go > Linux Registered User #5998 -- Cheers! Jerome Gotangco Ubuntu Local Community (LoCo) Philippine Team http://www.ubuntulinux.org/wiki/PhilippineTeam Lok'tar Ogar! http://loktarogar.blogspot.com -- Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
