Also, who's going to be managing this firewalls? Sounds like you need a
dedicated security person considering the type of information that you are
dealing with. OpenBSD, should handle what you need just fine, but if you
don't have anyone familiar with UNIX experience around, it might be a bit
daunting. I'm not sure what the cost of a 515 and a support contact are,
but you might be better off spending the money to hire a security admin and
go the open source route. You can buy all the best equipment (in whomever's
opinion), but if you don't have someone running the show that has a clue, it
won't do you much good. Your firewall can't necessarily protect insecure
OS'es and apps.
Mike
----- Original Message -----
From: "Edward Ingram" <[EMAIL PROTECTED]>
To: "Jose Nazario" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, April 03, 2001 11:45 AM
Subject: Re: What firewall to use
> Sorry...I did leave out some important details. I should probably have
had
> my cup of coffee first. :)
>
> We also host about 50-70 websites (using IIS) and we have a T3 connection
to
> our ISP so our traffic does tend to get pretty high. I need a box that
will
> support this as well. I know both the PIX and the GNAT support DMZs.
>
> Ed
>
>
> ----- Original Message -----
> From: "Jose Nazario" <[EMAIL PROTECTED]>
> To: "Edward Ingram" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Tuesday, April 03, 2001 10:20 AM
> Subject: Re: What firewall to use
>
>
> On Tue, 3 Apr 2001, Edward Ingram wrote:
>
> > One is a Cisco PIX 515 and the other is a GNAT 1000 box.
>
> > The GNAT is a less robust, but much cheaper solution. Since we are a
> > relatively small company, cost IS a big issue here, however, I would
> > like to know which is the better solution in regards to
> > security/price.
>
> if you're goimng to play with GNAT, i would suggest playing with OpenBSD
> and IPF, along with OpenBSD's IPSec VPNs. the OpenBSD kernel is among the
> finest in the business, IPF has features too many firewalls can't offer,
> and the price seems to be right for you: free.
>
> give it a whirl: http://www.openbsd.org/
>
> as a note, several commercial offers are based on OpenBSD.
>
> you didn't note what features you need, just some data to protect. so ..
> with that limited info i make my suggestions to you to investigate
> OpenBSD/IPF.
>
> ____________________________
> jose nazario [EMAIL PROTECTED]
> PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
> PGP key ID 0xFD37F4E5 (pgp.mit.edu)
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
