>We are deciding on whether to purchase SonicWall Pro or GnatBox
>GB-1000. Have any of you had experience with either of these two
>products? Any feedback would be appreciated.
I've "followed" both of them a bit, I subscribe to the GB mailing list.
At this point, they are both very good and successful. Realize that
GnatBox was initially xBSD/Intel + packet filtering + web admin interface.
As a free software alternative, FreeBSD + ipfilter is an unlimited
sessions, very powerful stateful packet filtering, NAT (static and
dynamic, 1:1, n:m), traffic accounting/logging platform that I've
seen firewall gurus argue is as good as Cisco PIX (which is just a
PC) for many, many $1000's less. Plus, with FreeBSD/ipfilter, you
have much more flexibility in interface selection (mutliple WAN,
mutliple/mixed LAN, etc) and if you need to run 100's of firewall
sessions and very high volumes, you could use a 900 or higher MHz PC.
For "internal firewalls" (between departments and network segments,
not just the external/internal border firewall which what I think
you're shopping for), you can build many FreeBSD/ipfilter boxes (so
the internal segments don't "trust" each other, nice in case of a
break-in) without additional expense, and providing more
security. You'll go broke doing that with commercial products and
their maintenance contracts.
As always with commercial infrastructure boxes, you'll need a
perennial, 24 x 7, 4-hour replacement contract for the proprietary
hardware. You don't need that with generic PC-based solutions.
If you go open source, be prepared for Microsoft/Jim Allchin to call
you a destroyer of intellectual property, against innovation, and,
gasp, "un-American". The latter shouldn't bother a .uk guy too much. :))))
Len
http://BIND8NT.MEIway.com : Binary for ISC BIND 8.2.3 for NT4 & W2K
http://IMGate.MEIway.com : Build free, hi-perf, anti-spam mail gateways
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
