This is a discussion on Re: [fw-wiz] Intel vs. special purpose FW-1 servers - Firewalls ; > -----Original Message----- > From: Emily Conrad [mailto:firstname.lastname@example.org] > Sent: Tuesday, July 12, 2005 08:17 PM > To: email@example.com > Subject: [fw-wiz] Intel vs. special purpose FW-1 servers > > Hello, > > We are working on a project to ...
> -----Original Message-----
> From: Emily Conrad [mailto:firstname.lastname@example.org]
> Sent: Tuesday, July 12, 2005 08:17 PM
> To: email@example.com
> Subject: [fw-wiz] Intel vs. special purpose FW-1 servers
> We are working on a project to upgrade our firewall infrastructure.
> One of the questions is whether to use FW-1 on a standard Intel server =
> use a special-purpose optimized version of FW-1 on a dedicated hardware=
> platform such as Nokia firewall appliance or Crossbeam systems C30/X40.=
> Does anyone have any advice on what factors are important when making s=
1. Have you EVER previously implemented FW-1 on an Intel platform ? IF n=
ot, I'd suggest an appliance-based solution. Personally, if I wanted to =
run FW-1 on generic hardware, I'd buy some cheap SunFire 120s and run it =
on Solaris, now that single-processor licenses for Solaris are free. I'd=
specifically recommend Solaris 9, and note that locking down a Solaris =
system for firewall usage is FAR easier and more complete than trying to =
lock down a Win2K/2K3 system.
2. Are you looking to CLUSTER FW-1 for HA or load balancing ? If so, you=
will DEFINITELY need to look for an optimized appliance-based solution.=
And, based on my experience, I'd suggest the Nortel "Alteon" systems fo=
r FW-1: a pair of Alteon Directors and a pair of compatible Alteon Accele=
rators give you a clustered solution that doesn't require you to play any=
oddball Cisco tricks on your switches, allows you a NUMBER of separate=
d nets behind the firewall, and even multiple DMZs. I've used Nokia IP-s=
eries before, as well as FW-1 on Solaris, and can't say enough about the =
Alteon platform. . .
firewall-wizards mailing list