I would strongly recommend getting a firewall that runs on a box you can log into. We have a WatchGuard Firebox, and it works, but it is hard to troubleshoot problems (look at the logs and hope the linux syslog messages made it through etc.). We had a hardware issue with it, and, as we could not get a command prompt or open the box, it took a while to convince them to replace it (the replacement has been up for three months, no downtime).
I would recommend a software firewall running on Unix or PC hardware, and linux or unix software (NT/2000 is a viable alternative, but I'd have more confidence in the lin/unix solution reaching years of continuous uptime). Troubleshooting a system where you can access the O/S is much easier (and you can configure the important parts read only, as on the WatchGuard boxes, if you need the security), and you get a lot more options for configuration (at least if you use a firewall with lots of features e.g. CheckPoint). Gordon -----Original Message----- From: [EMAIL PROTECTED] <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Tuesday, November 13, 2001 12:44 PM Subject: What firewall? > >Hi! > > I\'m about to buy a firewall, and I wonder if you people could give me some advices that could help me decide which one that fits me best. See, I\'m quite new with this. > > So, this firewall should protect a quite big serverpark. It has to deal with a lot of information. It might be necessary to use two devices. If it is, the information will be divided upon these two with a load balancer. No special needs for VPN. > > I\'ve been thinking about using Watchguard Firewall 2500 or 4500. I know that 4500 handles VPN though. > > Is this a good choice? Is there sites on the net where products are compared and where you could see the good and the bad of each one? > >Thanks / Martin Andersson > >