WinRoute is not ICSA certified, which probably means that it won't protect against a full range of DoS attacks- so if someone wanted to lock up your server it wouldn't be hard. Also, WinRoute installs on top of Windows. This means that your firewall is vulnerable to all of the inherent flaws in Windows. WinRoute uses packet filtering as its security method. Packet Filtering is the least secure of the methods by which to filter data. It can best be compared to punching holes in a paper wall to let certain services in. When configured with the same features GNAT Box is a little more expensive than WinRoute, but this is a small price to pay for security. Additionally, the extra cost will be made up in the extra hardware required to run the caching and email server. Firewalls should perform security functions. Other functions should be left to other devices on the network. I would not trust my network to a Windows machine running a firewall, caching, AND a mail server. Windows has never had a reputation for its stability.
There was a nice thread on here not too long ago about GNAT Box's performance. You can check the archives about the exact numbers, but whoever did the testing determined that GNAT Box was near wire speed. You can't get too much faster than that. If there are any questions about GNAT Box's security, please refer to this link: http://www.n-m.com/events/results.htm As you will see, when compared to the "big names" we came out ahead. I could go on, but I think I have made my point. If anyone has any questions please feel free to ask them. -John Ross Global Technology Associates, Inc. 3505 Lake Lynda Drive Suite 109 Orlando, FL 32817 USA Tel: +1.407.380.0220 x105 Fax: +1.407.380.6080 http://www.gnatbox.com
