Dominic Malig wrote: > > [...] appliance vs software firewall 'which is better' [...] Given that we tout both software packages and appliances, I think I can authoratively say that there is virtually zero difference between the concepts. For _our_ stuff, the only difference is that we know beforehand that the software works reasonably well with the hardware. So, a generalistic discussion about software/appliance is pretty much a moot point. Now, if you want to discuss pros and cons of software/appliance for specific firewall vendors, I'm sure we can come up with more interesting points. For instance, I believe that most people will get a more secure solution if they buy FW-1 on a Nokia box, rather than setting FW-1 up on Solaris, or (horror!) NT for that matter. Why? I believe Nokia does a good job of hardening their boxes; likely a better job than most people can do hardening Solaris/NT boxes. That is not to say that someone really clueful can't harden a Solaris box better, given enough time, but that's generally speaking not the case. On the other hand, I'd say that f.i. FW-1/Gauntlet/Raptor on NT has better chances of securing your network properly than, for instance, a "Netgear broadband router with firewall functionality", even though the latter is an appliance. ... want me to keep ranting? :) /Mikael -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com "Senex semper diu dormit" _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Mon Oct 14 2002 - 11:56:32 PDT