Re: Linux firewall vs Windows and Hardware based firewalls

From: Ron Johnson (ron.l.johnson_at_cox.net)
Date: 07/31/03

  • Next message: Jeetu Golani: "Re: What java plugins i needed to install?" 
    To: Debian-User <debian-user@lists.debian.org>
Date: 31 Jul 2003 11:45:04 -0500

    On Thu, 2003-07-31 at 11:29, Mark Ferlatte wrote:
    > Andre Volmensky said on Thu, Jul 31, 2003 at 04:11:14PM +1000:
    > > What are the advantages of a linux firewall over something like Windows
    > > with WinRoute on it, or even a hardware based firewall. What are the
    > > disadvantages etc. I know I am asking on a linux users mailing list, but
    > > I would also like reply's not to be too bias.
    >
    > I would say that the largest advantage of the hardware firewalls is stability:
    > you don't have to worry about disk failure. Now, you can build a Linux
    > firewall that loads off of a flash, but why bother when companies have done it
    > for you (ImageStream's Rebel routers are an example of this, which I've
    > personally used and am reasonably happy with).
    >
    > The largest disadvantage is lack of flexibility: if you want to do something
    > that your hardware doesn't support, you're hosed. But, for firewalls, you
    > generally don't want to do too much, so this isn't as much of a problem.
    >
    > For any small (read: DS3 or less), a PC based firewall will perform just as
    > well as a hardware firewall. On the other hand, do you _want_ to be paged at
    > 4am because your PC based firewall ate a disk?

    So burn the system onto a CD. Then, no HDD, and once the system
    boots and all is loaded into RAM, the CD-ROM drive won't spin much
    either.

    Flexibility is slightly harder: you must burn a new CD-R every time
    you change the rules, but that can be made easy, if the ISO is on
    your HD, and mountable by loopback, or you can put /etc on a write-
    protected floppy. 

    -- 
+-----------------------------------------------------------------+
| Ron Johnson, Jr.        Home: ron.l.johnson@cox.net             |
| Jefferson, LA  USA                                              |
|                                                                 |
| "I'm not a vegetarian because I love animals, I'm a vegetarian  |
|  because I hate vegetables!"                                    |
|    unknown                                                      |
+-----------------------------------------------------------------+
-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
  • Next message: Jeetu Golani: "Re: What java plugins i needed to install?"