Educause Security Discussion mailing list archives
Re: PIX/AS Vs. Linux/IPtables
From: John Ladwig <John.Ladwig () CSU MNSCU EDU>
Date: Wed, 30 Sep 2009 12:09:51 -0500
No references, but since people are off on an entirely different topic, I'll re-thread my response. Your ability to augment/backfill firewall administration may be rather simpler with Cisco's ASA than it would be with IPTables. There are a large variety of professional-services groups with Cisco relationships, and I'm pretty much guessing that pool is smaller with IPTables. Also, consider that part of the cost of IPTables would be sparing, depot issues, and build/release management. For us, spread over a hundred locations across a good-sized state, the above issues generally hold sway over what might be a technically superior solution (like my fave, OpenBSD and PF). I run PF very happily in a number of places, but none of them are places where I'd be woke up at 0200 if it broke. -jml
ron behrang <ron4peace () YAHOO COM> 2009-09-29 21:38 >>>
Hello, Does anyone know of a good paper on the merits of using PIX/ASAinstead using Linux/iptables? ThanksRon
Current thread:
- PIX/AS Vs. Linux/IPtables ron behrang (Sep 29)
- <Possible follow-ups>
- Re: PIX/AS Vs. Linux/IPtables Gary Dobbins (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables HALL, NATHANIEL D. (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables Justin Azoff (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables Joe Vieira (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables Gary Dobbins (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables John Ladwig (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables David Gillett (Sep 30)