Re: Linux firewall vs Windows and Hardware based firewalls
On Thu, 2003-07-31 at 01:11, Andre Volmensky wrote:
> Hello all,
>
> I have to put forward an argument to management regarding setting up a
> firewall on some of our clients networks.
>
> What are the advantages of a linux firewall over something like Windows
> with WinRoute on it, or even a hardware based firewall. What are the
> disadvantages etc. I know I am asking on a linux users mailing list, but
> I would also like reply's not to be too bias.
Vs. Windows:
- stability: you can make a Win2k box as stable as a "Unix" box
only by adding lots more RAM.
- resource usage (a *minimal*, headless "dumpster special" (i.e. free
as in beer] PC does great as a Linux/{Open|Free}BSD firewall).
32MB RAM, 1GB HDD and a Pentium 133 are more than adequate for
10Mbs (1.25MBps) Ethernet, and a T1 is much slower than that.
Vs. H/w:
- Flexibility: a h/w firewall/router lets you do *only* what is flashed
onto the FlashRAM, nothing more. A good general purpose OS (again,
Linux/{Open|Free}BSD) lets you do more, like traffic analysis/shaping,
intrusion detection, etc, etc.
- Upgradeability: every time a new kernel or version of userland apps
come out, you can get bug fixes and new features.
- Security: you have the source, so "you" can verify correctness.
- Security: if the manufacturer of the h/w firewall goes out of
business or stops supporting that model, you must buy a new model,
or face the possibility of unpatched bugs.
--
+-----------------------------------------------------------------+
| Ron Johnson, Jr. Home: ron.l.johnson@cox.net |
| Jefferson, LA USA |
| |
| "I'm not a vegetarian because I love animals, I'm a vegetarian |
| because I hate vegetables!" |
| unknown |
+-----------------------------------------------------------------+
Reply to: