Linux Today: Linux News On Internet Time.

BSD Today: Running a BSD-based Firewall

May 28, 2000, 17:23 (0 Talkback[s])
(Other stories by Jim O'Gorman)

"The first bridge that we had to cross was getting people to accept an open source firewall package. Everyone knows and trusts products like Checkpoint and Cisco's Pix firewall. A firewall is a key part of the security infrastructure. It is a stretch to ask management to trust a product, they may have never heard of, for such an important part of the network."

"When you buy a commercial firewall product, you are not buying a better quality product, but only paying for a name. That name gives your management and you confidence that there is a strong, solid company behind your firewall. With an open source firewall, you do not get that name. However, you do get the equivalent credibility through the very nature of open source. Anyone that uses it will be more than happy to tell you the good and the bad that they have gone through with the product."

"The other bonus is that open source firewalls are usually written by people that are using the product themselves. This gives them every incentive in the world of making it work right. Plus, with the open source model you can influence the direction of the program. Darren Reed of IP Filter has impressed me many times over with his openness to add features that users have asked for. You do not find that with a bigger commercial company."

Complete Story

Related Stories: