Date: Fri, 5 Sep 2003 15:03:18 -0500 From: Redmond Militante <r-militante@northwestern.edu> To: freebsd-questions@freebsd.org Subject: ipfilter vs. firewall appliance Message-ID: <20030905200318.GJ65035@darkpossum>
next in thread | raw e-mail | index | archive | help
--MzdA25v054BPvyZa Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable hi i have an ipfilter/ipnat box, that i'm using to protect an apache webserver. the machine is 4.7-RELEASE-p3 FreeBSD 4.7-RELEASE-p3 #1: Mon Aug 11 18:27:0= 6 CDT 2003. the machine is a dell optiplex gx260 Intel(R) Pentium(R) 4 CPU 2.40G= Hz 512 mb of ram. it's been doing a fine job. i'd like to get extra nics for this machine and stick additional servers, s= uch as our win2k domain controllers, and a mysql box, possibly more, behind= the firewall/nat. =20 i wanted to ask - for a firewall/nat that would potentially be protecting m= ultiple production machines, is ipfilter's performance comparable to produc= tion firewall appliances and software such as netscreen and symantec firewa= ll? i'm the only unix person where i work, and sometimes it's hard to get proje= cts green lighted when a) i'm the only one on staff who knows the technolog= y and b) it probably seems hard to believe to windows admins that a little = pentium3 box with 2 nic cards and hand written firewall rules can do the sa= me thing as an appliance that some companies are charging tens of thousands= of dollars for. i'd like to be able to present a case to my employers - that the ipfilter/i= pnat box that i set up would be able to provide the performance of commerci= al firewall solutions, and was wondering if anyone knows of any benchmarks/= reviews/etc. that i can cite. any comments welcome thanks as always redmond --=20 FreeBSD 5.1-RELEASE-p2 FreeBSD 5.1-RELEASE-p2 #0: Thu Aug 28 12:42:04 CDT 2= 003 2:45PM up 8 days, 1:42, 1 user, load averages: 0.73, 0.23, 0.13 =20 "You should, without hesitation, pound your typewriter into a plowshare, your paper into fertilizer, and enter agriculture." -- Business Professor, University of Georgia =20 --MzdA25v054BPvyZa Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/WOwG7g+NJl/fSB0RAligAKDLARifPPJLzt7oDN4OtIZV94NsiQCgv754 nTbHxq1mBKOUL2Wp1NxrOcE= =WCsg -----END PGP SIGNATURE----- --MzdA25v054BPvyZa--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030905200318.GJ65035>