BSD Today: Running a BSD-based Firewall

“The first bridge that we had to cross was getting people to
accept an open source firewall package. Everyone knows and trusts
products like Checkpoint and Cisco’s Pix firewall. A firewall is a
key part of the security infrastructure. It is a stretch to ask
management to trust a product, they may have never heard of, for
such an important part of the network.”

When you buy a commercial firewall product, you are not
buying a better quality product, but only paying for a name. That
name gives your management and you confidence that there is a
strong, solid company behind your firewall. With an open source
firewall, you do not get that name.
However, you do get the
equivalent credibility through the very nature of open source.
Anyone that uses it will be more than happy to tell you the good
and the bad that they have gone through with the product.”

“The other bonus is that open source firewalls are usually
written by people that are using the product themselves. This gives
them every incentive in the world of making it work right. Plus,
with the open source model you can influence the direction of the
program. Darren Reed of IP Filter has impressed me many times over
with his openness to add features that users have asked for. You do
not find that with a bigger commercial company.”


Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis