So often we have this debate, and so often is it dragged through the
magazines also. Now I will admitt that I am biased here, however most
people will admitt that UNIX is much more stable, and much faster, however
is it is out of the educational league of MOST people. Thus the desire for
a graphical UI, and the horrid assumption that that means M$ / NT.
If I look at ALL UNIX or NT or VMS or anything firewalls out there they all
require that you install an operating system, and then a firewall. Well,
some of us could do this in both UNIX, and NT, others only one of the two,
however it is still a fixed and closed skill set. Interestingly one of the
strongest reasons that I love the BorderWare firewall product is that it
breaks all those boundries. It uses UNIX on the back end, and then closes
the front end into an idiot proff system.
In BorderWare you insert a floppy and a CD, turn on the PC, and the SW
installs. From that point on (NOTE, this is easier than NT and its infamous
HAL problems) it is 100% menu driven. You neither have to edit a file in
/etc/files/lost/really_long/hidden/.... nor do you have to goto Main,
Control Pannel, Network, DNS, ..... Border has announsed there next version
(due out in a few days according to there web page) will be driven 100%
through a browser interface. Now you can use NT, UNIX (even Linux), VMS,
Mac, etc. for your configuration platform. Whatever you are personally
familiar with. It doesn't change the underlying security model of the
firewall.
One other small point is that you have some advanced clue about IP, routing,
email, etc. with ALL firewalls, and MOST people who think M$ will never
stear them wrong know little in this arean. This will prove a bigger
detriment than UNIX vs. NT ever will. How do these people address, well my
firewall is up, but since I don't know what a static default route is, none
of my users can get out.
Yes I do make a living selling BorderWare, however when I see a magazine say
something like 'xyz vendor is one of only two offering an NT choice, and
this is very important for those who don't want to learn UNIX' I just scoff,
and consider that magazine to be far too M$ tied. BorderWare represents a
cross between the power and speed of UNIX, and simplicity far beyond that
offered by NT.
-Charles Kaplan
>>
>> >
>> > I'm in the process of buying a firewall. We have a 20 User Windows NT
>> > Server, 3.51 and a 100 User NetWare 4.1 server. I want to buy
>> > CheckPoint's product, but it only runs on a NT OS. Is there a way
>> > that I can configure the firewall to perform with both OS behind the
>> > firewall?
>> >
>>
>> WHAT DIFFERENCE IN THE WORLD DOES IT MAKE WHAT OS IS RUNNING????
>>
>> You are screening IP packets not M$ or Novell source code.
>>
>>
>Well,
>
>1. I have yet to see a firewall for Novell, (and hope I never do).
>
>2. It's not polite to shout. Didn't your mother teach you any manners.
>
>3. If he has M$ or Novell Src, I'd like a copy.
>
>4. There is a big difference in the OS you run your Firewall on.
> I would avoid using NT. I have seen too many products pop
>up little dialog boxes when something goes wrong. Do you want to walk
>down to the server room everytime catapult blows chunks?
> I also don't trust the TCP/IP stack on NT. It's too new, and too
>untested.
>
>Find your self a nice unix system, learn the security on it, Get a good
>firewall (Checkpoint is a good one), and do periodic audits of the
>security on said firewall. Performance-wise you should be better off
>w/ some kinda unix. And Checkpoint has a MS winders GUI so you can set
>the rules via you happy NT/95 box.
LS
------------------------------
|
|
