Date: Thu, 12 Feb 2004 18:23:56 -0600 From: Vulpes Velox <kitbsdlists@HotPOP.com> To: ppi@amug.org Cc: questions@freebsd.org Subject: Re: Hardware vs software firewall on FreeBSD Message-ID: <20040212182356.46c04e17@vixen42.> In-Reply-To: <20040212203745.GU20527@wyeth.trail.calm> References: <20040212203745.GU20527@wyeth.trail.calm>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 12 Feb 2004 12:37:45 -0800 ppi@amug.org wrote: > I'm upgrading the hardware on my webserver. It will run FreeBSD > 4.9. > > I need to decide whether to use a hardware firewall (Cisco) or use > ipfw, ipf, pf, etc. > > The hardware firewall will increase my monthly server rental bill by > almost 30%. So I'm wondering if the significant extra cost is worth > it. > > What kind of performance hit will result from using ipfw, ipf or pf? AFAIK you will not get any noticeable performance hit from any of those. > I would like to avoid the extra expense of the hardware firewall. > > Can anyone offer an opinion on this matter? Any good reasons to use > one over the other? I personally don't trust hardware firewalls any more than I trust a software firewall. Problems can occur in either and software is easier to update and ect. I really don't see how it makes a dif if something is written in Verilog or C or whatever. The only dif is one is easier to back work than the other.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040212182356.46c04e17>