*bsd firewall appliance?
Bill Moran
wmoran at collaborativefusion.com
Thu Jul 13 10:56:16 UTC 2006
DW <spock at dwinner.net> wrote:
> Hi all,
>
> Just doing some early morning brainstorming, and my crazy thought of the
> day is this:
>
> My life would be so much easier if I could just get rid of my stupid PIX
> firewalls, and replace them with what I know and love: FreeBSD. It's not that
> the PIX's have been causing me problems or anything like that, it's just
> that I believe in streamlining whenever possible, and since we've
> already exterminated Microsoft in my server room for at least 3 years,
> the only thing left that's not running FreeBSD are my appliances
> (firewalls and switches) and 2 leftover legacy servers still running
> Redhat that haven't been worth the effort to migrate to FreeBSD. I'm a
> one-man shop, and I can survive using the PIX IOS when I have to, but
> would just as soon use BSD if I could. Questions:
>
> 1) If I did this, I would probably only do it if I could figure out how
> to rack up some diskless servers to my 2-post communications rack. Any
> thoughts on hardware candidates, etc.?
>
> 2) If I did this, maybe it would be wiser to go with OpenBSD instead,
> since it is known for security?
>
> 3) Any good tutorials on setting up diskless servers for Free/OpenBSD?
>
> 4) Any other considerations?

Keep in mind that PC hardware does not make good switching/routing
hardware for high loads. The way PCs are designed, you really can't
put more than 2 network cards in and expect any kind of performance.
If your PIX are serving simple gateway/firewall roles, then replacing
with *BSD on a PC is possible. If they have many interfaces, you'll
find that the PC hardware just can't switch packets at line speed, no
matter what OS you put on it.

> 5) Am I just being stupid and should I just keep my PIX's going? I know,
> I know, if it ain't broke, don't fix it.

No. Proactive is the way to go. People who wait around for things to
break are always fixing broken things.
--
Bill Moran
If you take sexual advantage of her, you're going to burn in a very special
level of hell. A level they reserve for child molesters and people who talk
at the theater.
Shepherd Book