Firewall Wizards mailing list archives
Re: Hardware vs. Software firewall reliability
From: "Bill Pennington" <bpennington () lucidnetworks com>
Date: Wed, 8 Sep 1999 08:15:45 -0700
I have always preferred hardware firewalls to software firewalls. Most of my clients do not have in house security staff or even knowledgeable sys admin types. Since my company becomes the security team and sometimes the sys admin team I want a firewall I don't have to worry about. We generally deploy a Cisco Pix box and don't worry about it going down. Having said that I have deployed several FW-1 on NT solutions that have proven just as robust, but the effort I had to go through to make them that robust was far more the I went through with the Pix. I am a relative newbie when it comes to firewalls (about 2 years) and I have not had a chance to work with a lot of different firewall software/hardware. From speaking with a few ISPs around the Bay Area it seems that most use either Cisco Pix or FW-1 on Unix. I think this speaks more towards the ability of the ISP staff than it does towards the "best" firewall. Just my .2. Bill Pennington Consultant Lucid Networks ----- Original Message ----- From: Bill Stout <Bill.Stout () AristaSoft com> To: <firewall-wizards () nfr net> Sent: Tuesday, September 07, 1999 4:01 PM Subject: Hardware vs. Software firewall reliability
I notice that more firewalls are of the hardware type. It seems that over time the hardware firewalls have become more robust, and with the minimal configuration involved, lack of mechanical devices (disks) and underlying
OS
to fiddle with, seem to have higher MTBF ratings than software firewalls. Seems that many on the list have predicted the rise of the hardware
firewall
and 'death' of the software firewall. What is the current feel of hardware vs. software firewalls? My specific interest is in protecting Internet service bureaus, with a limited set of published applications. Therefore outbound proxies are not as critical. BTW - Are there failover hardware firewalls available? Bill Stout Unresolved industry-wide date bugs: -- Incompatible Julian date formats and translation logic remain in 'Y2K ready' systems (enter 1/1/29 and 1/1/30 in Excel) MS=YYDDD, JDE=CYYDDD, Oracle=YYYYDDD, etc -- Think of the impact of dynamically changing OS date (Don't do this on a server). Open DOS window in 'Windows', type 'date /t', double-click clock on taskbar, browse date (don't apply), type 'date /t' in DOS window,
cancel
'date/time properties' to restore.
Current thread:
- Hardware vs. Software firewall reliability Bill Stout (Sep 07)
- Re: Hardware vs. Software firewall reliability Franck Veysset (Sep 08)
- RE: Hardware vs. Software firewall reliability Joe Ippolito (Sep 10)
- RE: Hardware vs. Software firewall reliability Jules Veloria (Sep 11)
- RE: Hardware vs. Software firewall reliability Aaron D. Turner (Sep 11)
- RE: Hardware vs. Software firewall reliability Joe Ippolito (Sep 10)
- Re: Hardware vs. Software firewall reliability Bill Pennington (Sep 08)
- Re: Hardware vs. Software firewall reliability Christopher C. Petro (Sep 18)
- Re: Hardware vs. Software firewall reliability David Klann (Sep 08)
- Re: Hardware vs. Software firewall reliability Josh Robb (Sep 08)
- <Possible follow-ups>
- Re: Hardware vs. Software firewall reliability Ryan Russell (Sep 08)
- Re: Hardware vs. Software firewall reliability Marcus J. Ranum (Sep 08)
- RE: Hardware vs. Software firewall reliability Lart (Sep 09)
- RE: Hardware vs. Software firewall reliability Lart (Sep 11)
- RE: Hardware vs. Software firewall reliability Lart (Sep 09)
- Re: Hardware vs. Software firewall reliability Vin McLellan (Sep 09)
- RE: Hardware vs. Software firewall reliability Bill Stout (Sep 09)
- RE: Hardware vs. Software firewall reliability Ryan Russell (Sep 12)
(Thread continues...)
- Re: Hardware vs. Software firewall reliability Franck Veysset (Sep 08)