RE: firewall suggestion

El mar, 22-02-2005 a las 07:54 -0800, Eric McCarty escribiÃ:
> Just out of question, "any head to head features and functionality"
> seems pretty broad, care to be specific or is just a blanket statement
> like "Windows is better than linux". 
>  
> I am also curious as to what functionality you find lacking in the Pix?.
> Statefull packet inspection?, VPN?, DMZ?, IPSec or Radius support, I
> really can't think of much the pix * Can't * do. 
>  
> Eric McCarty

I don't like the PIX because they are expensive, given the things
they do. A PIX 501 can be something like 1800$, and it only supports
one connection to the ADSL/DSL/Cable. If you want to have strong VPN
you have to pay more money. If you have more users you have to pay
more money.

With that money you can buy a Linux box and a switch and make yourself
a very good firewall, a much better IDS/IPS (snort), a VPN (OpenVPN,
FreeS/WAN, etc) and much more.

Anyway I find the PIX a very interesting device if you can afford the
money and you don't want to tweak with Linux or other OS.

Regards.

-- 

Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÃA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"