The consensus on the list from previous threads seems to be:
Use what you're most familiar with. Performance and stability may differ a
bit (in general, Linux > Solaris > NT for performance), but ultimately the
most secure and stable firewall is a firewall administered by someone who
knows their OS platform.
No OS holy wars - go with what you know.
Dan Hitchcock
CCNA, MCSE
Network Engineer
Xylo, Inc.
425.456.3970
The work/life solution for corporate thought leaders
-----Original Message-----
From: Hartmann, Josef [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 13, 2000 6:25 AM
To: [EMAIL PROTECTED]
Subject: RE: [FW1] NT vs Unix as FW platform
Well, nice document however I am rather looking for a comparison in general,
not specific to FW-1. Just what's the advantage of using Unix (and disadv.
of using NT) und why should I use a NT system/ shouldn't use NT/ Unix.......
> -----Original Message-----
> From: Jason Costomiris [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, December 13, 2000 2:17 PM
> To: Michael Liberte
> Cc: [EMAIL PROTECTED]
> Subject: Re: [FW1] NT vs Unix as FW platform
>
>
> On Wed, Dec 13, 2000 at 12:19:27PM +0200, Michael Liberte wrote:
> :
> : I would say that the test setup is a bit unfair.
> : After looking at the graphs, almost noone bothers to check the hardware
> and
> : software configuration of the machines that participated in the test.
> : As a matter of fact, they have almost nothing in common in terms of
> : processing power, patch levels, etc..
> : http://www.checkpoint.com/products/firewall-1/pbrief.html
>
> Agreed, the other test isn't a true measure of FW-1 performance. This
> other
> one is much more accurate. Why? Do users *ONLY* move VPN traffic through
> their firewalls? Heck no. VPN, while very important, is certainly not
> the bulk of firewall traffic today.
>
> The other problem these performance studies fail to address is the
> manageability of the platforms. We all know that it's easy to get an NT
> box up and running. Keeping it that way, well, that's another story
> entirely. Platforms like IPSO, Solaris and Linux are far easier to
> maintain (far better patch management, no DLL-Hell, etc.).
>
> I'd like to see a more "fair" comparison on Check Point's site. Look at
> the
> different machines, none of them have similar CPU power. Obviously, since
>
> they include RS/6k's and Sun E250's, some adjustments would need to be
> made,
> but we've got 3 Intel-based platforms here, and they're not even close:
>
> 1 x P-III 700 (Nokia IP650)
> 2 x P-III 600 (NT4 SP3 - hey, isn't SP4 the earliest that's Y2k
> compliant?)
> 2 x Xeon 550 (Linux - RedHat 6.1)
>
> Why not put all 3 platforms on a single P-III 700 and let them duke it
> out?
>
> : http://www.checkpoint.com/products/vpn1/vpn1perfdata.html
>
> --
> Jason Costomiris <>< | Technologist, geek, human.
> jcostom {at} jasons {dot} org | http://www.jasons.org/
> Quidquid latine dictum sit, altum viditur.
>
>
> ==========================================================================
> ======
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
