i have an ipfilter/ipnat box, that i'm using to protect an apache webserver.
the machine is 4.7-RELEASE-p3 FreeBSD 4.7-RELEASE-p3 #1: Mon Aug 11 18:27:06 CDT
2003.  the machine is a dell optiplex gx260 Intel(R) Pentium(R) 4 CPU 2.40GHz
512 mb of ram.  it's been doing a fine job.

i'd like to get extra nics for this machine and stick additional servers, such as our 
win2k domain controllers, and a mysql box, possibly more, behind the firewall/nat.  

i wanted to ask - for a firewall/nat that would potentially be protecting multiple 
production machines, is ipfilter's performance comparable to production firewall 
appliances and software such as netscreen and symantec firewall?

i'm the only unix person where i work, and sometimes it's hard to get projects green 
lighted when a) i'm the only one on staff who knows the technology and b) it probably 
seems hard to believe to windows admins that a little pentium3 box with 2 nic cards 
and hand written firewall rules can do the same thing as an appliance that some 
companies are charging tens of thousands of dollars for.

i'd like to be able to present a case to my employers - that the ipfilter/ipnat box 
that i set up would be able to provide the performance of commercial firewall 
solutions, and was wondering if anyone knows of any benchmarks/reviews/etc. that i can 

any comments welcome

thanks as always

FreeBSD 5.1-RELEASE-p2 FreeBSD 5.1-RELEASE-p2 #0: Thu Aug 28 12:42:04 CDT 2003
 2:45PM  up 8 days,  1:42, 1 user, load averages: 0.73, 0.23, 0.13
"You should, without hesitation, pound your typewriter into a
plowshare, your paper into fertilizer, and enter agriculture."
                -- Business Professor, University of Georgia

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to