It depends on your setup, but imo running 2 on the same machine won't prove any added benefit unless you're wanting to be really specific on not only the traffic that goes to your network but also to the firewall box itself. For example, suppose in your first firewall program you want to allow connections to ports 80, 22 and 23. Then out of THOSE connections you only want to allow connections FROM certain IP addresses. You're doing your filtering based on 2 separate criteria or depths. In the next example, suppose you want all port 80 traffic to go to a NAT'd box on your network and all ssh traffic to go directly to the firewall box itself. You could do so with separate firewall software, but it wouldn't really be of any benefit because you can do the same with ONE package.

As far as traffic and load are concerned, most firewall packages aren't written with any kind of load balancing features in them (to my knowledge; I normally stick to iptables/ipchains and haven't used BlackICE). If it were my network, I'd monitor the load and see how my software firewall performed. If it shoots up anywhere in the 90 percent area, you might want to consider something more optimized like a hardware PIX, Linksys firewall.
Let me know if that helps,
-Terry

Hi,

Would there be a problem if you ran two firewall proggies at the same time? I did a websearch first and only found http://www.fosters.com/special_sections/online/articles2001/1023d.htm which only says two firewalls might conflict with each other, without any specific info. Besides that there might be a software-wise conflict between them, I'm only interested in this from a security standpoint. I was thinking you could use the strengths of both.

I also read on the website of NetworkICE that most firewalls fall short when network load is high:

BlackICE was able to catch 99% of the attacks on a fully-loaded 10/100 Mbps network using less than 40% of the CPU resources. The closest competitor used 90% of the CPU resources and only managed to catch 9% of the attacks.

I can't imagine that when you have installed two firewalls they would spread the load, since the two programs do not interact with each other, but more likely that they both would take more CPU resources and check less network traffic when running two firewalls at the same time under heavy network traffic. Is this true?

Philip Wagenaar
