Firewalls: Re: flavours of unix

Firewalls
(July 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: flavours of unix
From:	Kevin McPeake <cowboy @ home . byelex . nl>
Date:	Tue, 1 Jul 1997 15:15:57 +0200 (MET DST)
To:	Michael Cunningham <malice @ exit109 . com>
Cc:	Pete Vickers <pvickers @ adtranz-signal . co . uk>, "'FIREWALLS @ GreatCircle . COM'" <FIREWALLS @ GreatCircle . COM>
In-reply-to:	<Pine . BSI . 3 . 95 . 970630100109 . 13192B-100000 @ hiway1 . exit109 . com>

On Mon, 30 Jun 1997, Michael Cunningham wrote:

> > I'm in the middle of implementing Internet connectivity for the company, this comprises of a 
> CISCO 2500 series router, a DMZ containing a host for SMTP / DNS [+ potentially FTP & HTTP], 
> and a CISCO PIX firewall. My question is what O/S & H/W to implement the

[intelligent question snipped]

> IMHO, there are several good version of unix that run on Intel arch. BSDI
> is and execllent choice. (we all know the networking code is good:)
> Solaris x86 is also very good as well. Both are quite robust operating

[intelligent response snipped]

I would second this.....but in a way that seeks to get the job done.  We 
were long time a NT only house, but 8 months ago, began to look at other 
solutions (we are a software developer).  Today, we employ Linux, Solaris 
for Intel and NT.  If I had my way, I'd run everything on Linux, but some 
of the SW we run is Solaris only or NT only or Solaris & NT, but not Linux.

To arguement your managers better, I would give you this advice:
It's a mix match (what we have ourselves), and some would say it's more 
ineffecient to have multiple systems, but our experience has already 
shown us, that when we opened ourselves to more platforms, our own company
growth has tripled, because customers have different needs, and ours may 
not be thiers.

As far as what I would suggest for a firewall, I would definately say use 
some form of Unix, but don't stop there.  Educate yourself on Unix....get 
to know it like the back of your hand (even if you stick your FW on NT, you 
should do this about NT).  Get to understand tcp/ip routing & protocols.
Read all the doc's you can get your hands on.   Ask reasonable questions 
on here (don't be afriad to ask....just think out your questions first).

Remember, Ignorance is no excuse.  No cracker out there is gonna say 
"hey, this guy just didn't know better, so lets leave him alone".
This is one game where your homework REALLY COUNTS.

Kev

   Kevin McPeake			cowboy @
 orbital .
 byelex .
 nl
   Internet Consultant 			http://cowboy.byelex.nl/

   << You know something's up when your Thought process is idle. >>
USER      PID %CPU %MEM   VSZ  RSS TTY    S  STARTED      TIME COMMAND
cowboy  28365  0.0  0.2 2.84M 264K ttyp1  S  12:57:12  0:00.02 Thought

Indexed By Date	Previous:	MTU Path Discovery w/proxy-based firewalls From: uskanbye @ ibmmail . com
Indexed By Date	Next:	My faith is restored (was: RE: Microsoft plans to offer a firewall From: Kevin McPeake <cowboy @ home . byelex . nl>
Indexed By Thread	Previous:	MTU Path Discovery w/proxy-based firewalls From: uskanbye @ ibmmail . com
Indexed By Thread	Next:	Re: TIS funding From: "This guy here at this system..." <morrison @ ladyred . rsoc . rockwell . com>