This NT vs UNIX firewall issue has been debated several times on this list.
I would suggest that both OS's are able to be secure. And that local
experience in making one or the other secure would help. I would also
suggest that you not consider a firewall a single machine, but a
configuration of several machines to defend against security threats to
your computing environment.
In the later statement I would suggest that you have at least two different
OS types and two different Firewall vendor protections. For example.
Firwall/Plus DMZ Firewall-1
NT --- Proxy stuff ---- UNIX --- Internal Lan.
Likewise the security policy you are trying to implement will have a vast
effect on the firewall configuration that you choose.
> From: Paul A. Murphy <pamurphy @
> To: firewalls @
> Subject: NT Firewalls
> Date: Sunday, February 02, 1997 12:10 AM
> My company is looking into firewalls to protect our network that is
> connected with a T-1.
> Our company is migrating to NT as a standard and I am concerned that the
> NT Firewalls are generally less secure than the UNIX firewalls and am
> looking for material to make my case that the firewall be UNIX.
> I would appreciate any comments related to the UNIX vs NT debate.
> Paul Murphy
> St. Louis