hi i have an ipfilter/ipnat box, that i'm using to protect an apache webserver. the machine is 4.7-RELEASE-p3 FreeBSD 4.7-RELEASE-p3 #1: Mon Aug 11 18:27:06 CDT 2003. the machine is a dell optiplex gx260 Intel(R) Pentium(R) 4 CPU 2.40GHz 512 mb of ram. it's been doing a fine job.
i'd like to get extra nics for this machine and stick additional servers, such as our
win2k domain controllers, and a mysql box, possibly more, behind the firewall/nat.
i wanted to ask - for a firewall/nat that would potentially be protecting multiple
production machines, is ipfilter's performance comparable to production firewall
appliances and software such as netscreen and symantec firewall?
i'm the only unix person where i work, and sometimes it's hard to get projects green
lighted when a) i'm the only one on staff who knows the technology and b) it probably
seems hard to believe to windows admins that a little pentium3 box with 2 nic cards
and hand written firewall rules can do the same thing as an appliance that some
companies are charging tens of thousands of dollars for.
i'd like to be able to present a case to my employers - that the ipfilter/ipnat box
that i set up would be able to provide the performance of commercial firewall
solutions, and was wondering if anyone knows of any benchmarks/reviews/etc. that i can
cite.
any comments welcome
thanks as always
redmond
--
FreeBSD 5.1-RELEASE-p2 FreeBSD 5.1-RELEASE-p2 #0: Thu Aug 28 12:42:04 CDT 2003
2:45PM up 8 days, 1:42, 1 user, load averages: 0.73, 0.23, 0.13
"You should, without hesitation, pound your typewriter into a
plowshare, your paper into fertilizer, and enter agriculture."
-- Business Professor, University of Georgia
pgp00000.pgp
Description: PGP signature
