Re: Linux firewall vs Windows and Hardware based firewalls
On Thu, Jul 31, 2003 at 08:50:21PM +0800, Robert Storey wrote:
> Everything I've ever read indicates that a hardware-based firewall is
> more secure and reliable than an PC operating system, be it Linux or
> Windows. A PC OS has to be complex because it has so many functions to
> perform, but that adds potential security holes and one can never close
> them all. Furthermore, Intel-based PCs have some well-known exploits
> (such as buffer overflows) which are a function of the hardware and
> there is no real cure because changing the CPU instructions would break
> backward compatibility. By contrast, a router operating system is very
> simple and designed to do only one thing, and the hardware (which has no
> moving parts) is more reliable and uses far less electricity than a PC.
>
> A Linux-based firewall is probably good enough for the average home
> hobbyist, but in a professional environment it doesn't pay to "save
> money" by recycling an old PC with Linux installed in place of a router.
>
> regards,
> Robert
Hmm... I'm not an expert and this is my understanding of software and
hardware firewalls.
A hardware firewall would probably be more reliable - the security part
is debatable. A firewall is a firewall - it's security comes from its
configuration. An cutdown firewall/router machine with minimal services
can be just as secure as hardware firewall.
The advantage of hardware firewall - most likely speed -
specialised hardware to deal with packet processing and the like.
This won't be an issue if you're a home user with a few machines but
for corporate use, with lots of machines and traffic, you want things
to be speedy and more efficient.
--
Reply to: