On Sun, Jul 06, 2003 at 06:12:09PM +0530, Vinu Moses wrote: > * 10 - 15 servers on a variety of OS's networking with TCP/IP > (also have some Netware boxes on IPX, but these will not be put behind > the firewall) > * a switched 100 Mbp/s network > * 250-300 clients
For such a small network, you certainly don't need a PIX. Linux will do nicely. > The questions: > 1. Would implementing the firewall / gateway on a linux box be feasible? Sure. Keep the number of packages installed to the absolute minimum. I have 169 packages installed and only one port open, 22. > 2. What sort of specs. would be required for this linux box? > -- RAM and bandwidth being the two most important criteria, I'm thinking > of a Xeon 2 Ghz box with 1 Gb RAM and two 1 Gbp/s Intel > EtherExpressPro NIC's. Phew. :-) I survive on a P III 500 MHz and 128 MB RAM. I have one eepro and two rtl8139 cards. My LAN is bigger than yours above (around 500 workstations, 40+ servers). > 3. Should I have two firewall / gateway linux boxes (to avoid a single > point of failure) - this is a large hospital and anything less than > 24x7 is not an option. Yes. Certainly. Investigate VRRP for automatic failover. > 4. How well would a linux firewall / gateway stand up to one of the > Cisco PIX� family of firewalls? Anyone have any comparisons? Well, IMO a linux firewall stands no chance when compared to a PIX. :-) But for most purposes, the PIX is an overkill. It is expensive, and the size of your network is adequately covered by a Linux firewall. > 5. Does anyone have a better idea on how this whole thing can be done? You are doing fine. Binand -- Russian Roulette with Unix: while :; do kill $RANDOM &> /dev/null && break || sleep 1; done ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
