The only problem I see with this is that this would do good for just packet filtering at the network level. It would be great for functionality and expanability, but for secure, not that good. You need a firewall that can do data filtering as well. Also that the firewall can be between the data-link and the network level. That way the firewall controls everything before the packets can move up the layers to the applications for example. Just watch what firewalls you look at, because ones that only do this can bog down the system and have limited Application support. My idea would be to suggest Checkpoint that can do both of the above.
Chris -----Original Message----- From: Glenn Pitcher [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 13, 2001 7:51 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: What firewall? If I were given this project, these are a few of the basic questions I would be asking even before thinking about any particular vendor: 1) Budget. Budget. Budget. 2) Is there a need for failover capabilities? Does this firewall need to be up 24/7 or can you stand to be down for a while in the case of a failure? 3) What are your plans for expansion for the next three to five years? This will help determine how expandible the system will need to be. 4) What are your current throughput requirements? What are they projected to be in 6 months? In 2 years? Depending on some of your responses, you might be able to get away with something as simple as ipchains on Linux which will only cost you the price of a computer and a couple NICs. ------- Glenn Pitcher Sr. Unix Admin in need of a job! (858) 674-1847 (voice) [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, November 12, 2001 1:42 PM To: [EMAIL PROTECTED] Subject: What firewall? Hi! I\'m about to buy a firewall, and I wonder if you people could give me some advices that could help me decide which one that fits me best. See, I\'m quite new with this. So, this firewall should protect a quite big serverpark. It has to deal with a lot of information. It might be necessary to use two devices. If it is, the information will be divided upon these two with a load balancer. No special needs for VPN. I\'ve been thinking about using Watchguard Firewall 2500 or 4500. I know that 4500 handles VPN though. Is this a good choice? Is there sites on the net where products are compared and where you could see the good and the bad of each one? Thanks / Martin Andersson
