Firewall opinions wanted please
Rachael Treu
rara at navigo.com
Wed Mar 17 17:07:42 UTC 2004
Netscreen rocks. They are record-breakingly sexy devices running the gamut
as far as networks they can be configured to service and they burlier beasties
are easily worthy of deployment on a carrier class network.
However, if you're looking to drop small change on a product that will not
be required to withstand the rigors of VPN termination, HA, VRRP, blah
blah blah, and you are trying to cover basic, fundamental firewalling
(port filtering is a very base feature and should open the doors to many
other vendors if that's truly the brunt of what you are trying to achieve),
then take a gander at PIX. Or even Raptor or Checkpoint. All 3 are old
standbys that have seen their days being equally celebrated as leaders
and mourned as losers.
boa sorte,
--ra
--
k. rachael treu, CISSP rara at navigo.com
..quis costodiet ipsos custodes?..
On Tue, Mar 16, 2004 at 02:27:16PM -0800, Nicole said something to the effect of:
>
>
>
> Hi
> I am looking for a good but reasonably priced firewall for a 40 or so server
> site. Some people swear by Pix, others swear at it a lot. Also I have heard
> good things about Netscreen. Or any others you would recommend for protecting
> servers on a busy network. Don't really need anything with VPN just the
> standard http, ftp, ssh, https, type traffic up to 100mb throughput.
> From what I have heard a proxy firewall would be best?
>
>
>
> Thanks in advance!!
>
>
> Nicole
>
>
>
>
>
> --
> |\ __ /| (`\
> | o_o |__ ) )
> // \\
> - nmh at daemontech.com - Powered by FreeBSD -
> ------------------------------------------------------
> " Daemons" will now be known as "spiritual guides"
> -Politically Correct UNIX Page
>
More information about the NANOG
mailing list