[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: firewalls

To: misc@openbsd.org
Subject: Re: firewalls
From: josh <dorqus@bsdfreek.com>
Date: Wed, 6 Dec 2000 23:24:35 -0500
Content-Disposition: inline
References: <3A2EA370.9DF3BAF4@epcot.revenio.com>
User-Agent: Mutt/1.2.5i

Nicholas Basila wrote...
> We are evaluating firewalls at work. I was wondering if anyone had a
> link to a site that gives an honest evaluation of commercial products,
> and firewalls using ipf. I'd love to see a site that rates an OpenBSD
> box with ipf a better "buy"  than, say, Checkpoint or some other
> firewall. If I can't provide some sort of online justification for using
> OpenBSD and ipf, I'll probably end up having to go with some NT based
> firewall to make management happy. Does anyone know a good site for such
> things?

FWIW, we just finished moving our entire network at work
(I work for an ISP) from a Checkpoint based solution to several
OpenBSD boxes.  We're much happier with the performance, speed,
cost, support, etc. etc. etc. 
Checkpoint support from VAR's is typically laughable, there is
mixed documentation about it, and hell, it runs on NT, need I say more :)
Anyway, I'd go with the most secure OS out there (OpenBSD) as a base,
and use ipf to do your firewalling.  My company is starting to
offer our customers an OpenBSD firewall solution, instead of checkpoint.
It's a lot cheaper, and a lot easier to maintain, and with ipf at
least you know what's going on, unlike Checkpoint and their "implied
rules", "psuedo rules", etc.

Just my $0.02, that and $1.50 will get you on the subway here in NYC :)

--
josh

References:
- firewalls
  - From: Nicholas Basila <nbasila@epcot.revenio.com>

Prev by Date: Re: firewalls
Next by Date: Which floppy image for ftp install with 3com 3c905 NIC
Prev by thread: Re: firewalls
Next by thread: Re: firewalls
Index(es):
- Date
- Thread