Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > NFR Wizards> 1999-q3

NFR Wizards Archives: Re: Hardware vs. Software firewall reliab

Re: Hardware vs. Software firewall reliability

Josh Robb (joshuarfujitsu.co.nz)
Thu, 9 Sep 1999 10:41:19 +1200

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Bowden, Kevin: "Interesting Telnet scenario"
Previous message: Roy Stevens: "Re: SMTP Firewall"
In reply to: Kenneth_W_Foxsbphrd.com: "Re: SMTP Firewall"
Next in thread: Franck Veysset: "Re: Hardware vs. Software firewall reliability"

The Nokia Firewall boxen hare a hardware solution running (although you
never see it) hardened FreeBSD and checkpoint Firewall-1 4.0. You simply
download a system image to them and they boot. They come with load balancing
and failover out of the box and are really easy to setup. They have lots of
cool options like plugging frame cards straight into the chassis so you
don't need a router. The have load tested them up to 28,000 concurrent
connections.

They are pretty cool boxes and because the OS is invisible you never have
problems of customers install other software like with NT based FW's. (eg
quake servers, Remotely Possible). This make me feel much better about
putting them into customer sites.

Josh

----- Original Message -----
From: Bill Stout <Bill.StoutAristaSoft.com>
To: <firewall-wizardsnfr.net>
Sent: Wednesday, September 08, 1999 11:01 AM
Subject: Hardware vs. Software firewall reliability

>
> I notice that more firewalls are of the hardware type. It seems that over
> time the hardware firewalls have become more robust, and with the minimal
> configuration involved, lack of mechanical devices (disks) and underlying
OS
> to fiddle with, seem to have higher MTBF ratings than software firewalls.
> Seems that many on the list have predicted the rise of the hardware
firewall
> and 'death' of the software firewall.
>
> What is the current feel of hardware vs. software firewalls?
>
> My specific interest is in protecting Internet service bureaus, with a
> limited set of published applications. Therefore outbound proxies are not
> as critical.
>
> BTW - Are there failover hardware firewalls available?
>
> Bill Stout
>
> Unresolved industry-wide date bugs:
> -- Incompatible Julian date formats and translation logic remain in 'Y2K
> ready' systems (enter 1/1/29 and 1/1/30 in Excel) MS=YYDDD, JDE=CYYDDD,
> Oracle=YYYYDDD, etc
> -- Think of the impact of dynamically changing OS date (Don't do this on a
> server). Open DOS window in 'Windows', type 'date /t', double-click clock
> on taskbar, browse date (don't apply), type 'date /t' in DOS window,
cancel
> 'date/time properties' to restore.
>

Next message: Bowden, Kevin: "Interesting Telnet scenario"
Previous message: Roy Stevens: "Re: SMTP Firewall"
In reply to: Kenneth_W_Foxsbphrd.com: "Re: SMTP Firewall"
Next in thread: Franck Veysset: "Re: Hardware vs. Software firewall reliability"

This archive was generated by hypermail 2.0b3 on Thu Sep 09 1999 - 18:59:43 CDT