Re: Linux firewall vs Windows and Hardware based firewalls
On Thu, 2003-07-31 at 11:29, Mark Ferlatte wrote:
> Andre Volmensky said on Thu, Jul 31, 2003 at 04:11:14PM +1000:
> > What are the advantages of a linux firewall over something like Windows
> > with WinRoute on it, or even a hardware based firewall. What are the
> > disadvantages etc. I know I am asking on a linux users mailing list, but
> > I would also like reply's not to be too bias.
>
> I would say that the largest advantage of the hardware firewalls is stability:
> you don't have to worry about disk failure. Now, you can build a Linux
> firewall that loads off of a flash, but why bother when companies have done it
> for you (ImageStream's Rebel routers are an example of this, which I've
> personally used and am reasonably happy with).
>
> The largest disadvantage is lack of flexibility: if you want to do something
> that your hardware doesn't support, you're hosed. But, for firewalls, you
> generally don't want to do too much, so this isn't as much of a problem.
>
> For any small (read: DS3 or less), a PC based firewall will perform just as
> well as a hardware firewall. On the other hand, do you _want_ to be paged at
> 4am because your PC based firewall ate a disk?
So burn the system onto a CD. Then, no HDD, and once the system
boots and all is loaded into RAM, the CD-ROM drive won't spin much
either.
Flexibility is slightly harder: you must burn a new CD-R every time
you change the rules, but that can be made easy, if the ISO is on
your HD, and mountable by loopback, or you can put /etc on a write-
protected floppy.
--
+-----------------------------------------------------------------+
| Ron Johnson, Jr. Home: ron.l.johnson@cox.net |
| Jefferson, LA USA |
| |
| "I'm not a vegetarian because I love animals, I'm a vegetarian |
| because I hate vegetables!" |
| unknown |
+-----------------------------------------------------------------+
Reply to: