On that note, I know someone who is trying to sell a pix. I don't have the specs right now, and I know that it needs a firmware upgrade. You would have to buy a support agreement with cisco in order to download that from them. But if anyone is interested, email me off list and I'll get the specs.
On Tue, 8 Mar 2005 13:41:54 -0700, Josh Coates <[EMAIL PROTECTED]> wrote: > > not to be butthead or anything, but.. > > >it's possible that a cisco box, running their embedded IOS instead of linux > would be a touch faster > > highly unlikely. > > >there are several advantages to having a DMZ for your webservers and hiding > the application and database servers on the inside, don't you think? > > of course. > > >Having hardware appliances might make it easier to configure > > this has nothing to do with 'hardware'. but, yes, appliances are typically > easier to configure. but then again, iptables isn't that hard to setup. > > >No need to worry about patching/locking down anything else, like you'd have > to consider with a linux box. > > run debian stable and simply use iptables to lock everything down. it's > really, really easy. > > >ever tried to cut down a tree with a swiss-army knife saw-blade? > > no. > > okay, so it sounds like the summary is: > "i don't have time/energy to invest in learning how to do this with linux, > so i'm going to throw money at the problem to make my life easier - does > anyone know of a firewall appliance?" > > this is a *perfectly valid* reason for wanting an appliance, but this is > your reasoning, no? i was just curious about any specific reasons you had > for not just using iptables, because i'm sure there must be some good > reasons for it (i've recently been told that iptables doesnt work well w/ > multiple vpn sessions for example.) > > sounds like you should just go w/ pix - but at least buy 'em from ebay. ;-) > > Josh Coates > http://www.jcoates.org > .===================================. | This has been a P.L.U.G. mailing. | | Don't Fear the Penguin. | | IRC: #utah at irc.freenode.net | `==================================='
