Hardware vs software firewall on FreeBSD
Vulpes Velox
kitbsdlists at HotPOP.com
Thu Feb 12 16:25:20 PST 2004
On Thu, 12 Feb 2004 12:37:45 -0800
ppi at amug.org wrote:
> I'm upgrading the hardware on my webserver. It will run FreeBSD
> 4.9.
>
> I need to decide whether to use a hardware firewall (Cisco) or use
> ipfw, ipf, pf, etc.
>
> The hardware firewall will increase my monthly server rental bill by
> almost 30%. So I'm wondering if the significant extra cost is worth
> it.
>
> What kind of performance hit will result from using ipfw, ipf or pf?
AFAIK you will not get any noticeable performance hit from any of
those.
> I would like to avoid the extra expense of the hardware firewall.
>
> Can anyone offer an opinion on this matter? Any good reasons to use
> one over the other?
I personally don't trust hardware firewalls any more than I trust a
software firewall. Problems can occur in either and software is easier
to update and ect. I really don't see how it makes a dif if
something is written in Verilog or C or whatever. The only dif is one
is easier to back work than the other.
More information about the freebsd-questions
mailing list