[lug] Firewall != Linux, Was -> Broadband

Sean Reifschneider jafo at tummy.com
Tue Aug 1 17:54:23 MDT 2000

On Tue, Aug 01, 2000 at 05:16:14PM -0600, Chris M wrote:
>- You're going to think Squid is better-performing and more feature-rich
>than a cache appliance (proven false)
>- You're going to think a Linux NFS server is better-performing and more
>feature-rich than a NAS appliance (proven false, if you've played with
>LADDIS and a NetApp)

The question isn't about "which is more feature-rich".  I'd expect a $45,000
netapp to have more features than a $3,000 Linux machine.  The question
is about price/performance.

Yes, I know you assert that Linux is more expensive that the competition.
The comparisons I've made seems to indicate that the other options are
MUCH more expensive, but we'll see what you have available for under

>This doesn't mean Linux can't be a firewall, it just isn't a good one

That depends.  One of the reasons I like a Linux firewall is it's
predictability.  I don't have to remember yet another vendor's
syntax, figure out how to tell it what I mean, etc...

I haven't done the testing to have a real position on wether the
firewalls I install with Linux are more or less secure than a PIX
or another vendor.  I do know that I won't be installing a $4,500
commercial firewall at home any time soon.  The Linux firewall
running it was free (I would have spent similar amounts of time
installing a commercial firewall, over the 30 minutes I spent on
the Linux one).

It's all a game of tradeoffs...

 This mountain is PURE SNOW!  Do you know what the street value of this
 mountain is!?!                -- Better Off Dead
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python

More information about the LUG mailing list