"Philip J. Koenig" wrote: > > The classic argument seems to be that dedicated-ASIC-based > firewalls have at least a theoretical performance advantage. > Various people have been saying, for example, that Checkpoint's > days are numbered because stuff like Netscreen performs much > better. There is an interesting counter-argument: If you buy a "software" package and install on a piece of hardware, the ASIC based box will be much faster today, at ~5x the total price of the "homegrown" solution. However, in a little while, PCs will have caught up[1] or even bypassed that ASIC based box. You can replace the PC hardware yourself for $2K. How much is a new ASIC based box? /Mikael $std_disclaimer: I work for a firewall vendor whose software mainly runs on x86 architecture boxes. This however does not mean that I had these ideas spoon fed to me. I can think for myself, thankyouverymuch :) -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com [1] PCI-X motherboards are making it out into standard server chassis right now. PCI-X on a cool mobo does _really_ interesting things to network throughput. _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Wed Oct 16 2002 - 14:49:20 PDT