You can do very well on the lower end traffic scale (a couple hundred MB/sec) with open source and PC hardware, but once you start throwing around some serious traffic, you will find that the commercial products just handle it better, often with very nice reporting tools.
I am not saying that you cannot do it with non-commercial stuff, but you will have a lot more headaches dealing with that amount of traffic.
-Steve Daniel wrote:
It sounds like pfSense is the way to go for the schools, given the responses. Thank you. Now let's say you had to secure about 1-4GBs of traffic and you had unlimited funds would you still go with pfSense or would you go with a commercial solution like Juniper, or Cisco? Does anyone have experience with a Juniper or any other commercial solution and pfSense? -Daniel On 6/15/07, Lars Rasmussen <[EMAIL PROTECTED]> wrote:Look no further than pfSense for your firewall. I've been using pfSense since the alpha releases - I previously used m0n0wall. Before m0n0wall I was using a floppy disk to boot a Linux based firewall. I've used pfSense at work and at home. pfSense will let you enforce QoS(even has a wizard for prioritization of VoIP & common applications/traffic types). pfSense allows for failover & multiple WAN connections, and has multiple VPN types as part of the standard feature set. You can add features(packages) if you so desire. One of my Windows buddies still marvels at how he doesn't even think about his pfSense box - it just sits in the closet and runs. I am currently using pfSense at home with Comcast & Vonage; it allows me to coexist with BitTorrent nicely, and the pfSense project seems to have more active development than any of the Linux-based firewall projects. It is straightforward to install pfSense yourself, but you could alternately buy an appliance that contains no moving parts & likely increase your uptimes to years. Here's what the console portion of the pfSense installation looks like: http://www.metacafe.com/watch/584867/install_pfsense_1_2beta1/ Configuration after this point is handled via the web interface. -- Lars /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. *//* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
smime.p7s
Description: S/MIME Cryptographic Signature
/* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
