[geeks] Firewalls...

Thu Mar 22 08:22:54 CST 2001

* Will Mc Donald (wmcdonald at orctel.co.uk) [010322 06:16]:
> Firewall-1 on x86/linux. Good idea? Bad idea? Discuss.
> 
> Our old sparc based firewalls are beginning to creak a bit, personally I'd
> like to replace them with bigger, better sparcs but as is always the way our
> budget probably won't stretch to much.
> 
> For the price we'd pay for a couple of 220Rs, 250s or 280R's kitted out
> adequate RAM and enough NICs to suit the site we could probably buy decent
> PC based servers for 1/10th the price, maybe a little more but not far off.
> 
> By my estimation a suitable Sun box looks like it'll probably cost around
> 20 - 25k, E280R with 1 x 750 MHz processor, 1 Gig RAM, 2 x 36 Gig disk, 2
> QFE and 2 gig eithernet cards.
> 
> PC based solution with a couple of Quad Ethernet cards, Gig ethernet cards,
> Ultra 160 SCSI and a gig or two of RAM could probably be build for about 3k
> using quality components throughout.
> 
> So is it worth it? Does anyone know how stable the latest FW-1 is on linux?
> 

For firewall Duties I prefer OpenBSD and IPFilter. Nice an robust and
stable. 

TIA
-- 
------------------------------------------------------------------------------
Ron Rosson          			      ... and a UNIX user said ...
The InSaNe One                 			      rm -rf *
insane at oneinsane.net     	            and all was /dev/null and *void()
------------------------------------------------------------------------------
                       There's no place like ~