as others have said, find out what your real performance requirements are,
and keep the future in mind.

check the cost of upgrading the 'optiomized' hardware, you may be amazed
at the costs ($1k for 512M of ram for example)

generix x86 hardware is so fast nowdays that I really doubt that you need
the added performance from an 'optimized' version.

there are valid arguments (on both sides) about managing the OS yourself
vs trusting the vendor to do all the OS changes (the appliance approach)

personally I would buy my own hardware and run it myself, there are just
too many times when I want to do just a little something extra on the
firewall that would be trivial to script, but isn't allowed on an

David Lang

On Tue, 12 Jul 2005, Emily Conrad wrote:

> Date: Tue, 12 Jul 2005 20:17:59 +0000
> From: Emily Conrad
> To:
> Subject: [fw-wiz] Intel vs. special purpose FW-1 servers
> Hello,
> We are working on a project to upgrade our firewall infrastructure.
> One of the questions is whether to use FW-1 on a standard Intel server or to
> use a special-purpose optimized version of FW-1 on a dedicated hardware
> platform such as Nokia firewall appliance or Crossbeam systems C30/X40.
> Does anyone have any advice on what factors are important when making such a
> decision?
> Thanks,
> Emily
There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.
-- C.A.R. Hoare
