[unisog] Suggestions for bridging firewall?
ckline at housing.ucsb.edu
Wed Oct 30 06:11:11 GMT 2002
Ooops, I spoke too soon. A couple of people have informed me that the
PIX is not a bridging firewall and therefore does not meet your stated
needs. I've never tried to set the PIX up that way, but seemed to
remember that it was possible. I was apparently mistaken.
Sorry for the misinformation!
> -----Original Message-----
> From: Curtis Kline
> Sent: Tuesday, October 29, 2002 2:55 PM
> To: Peter Ruprecht; unisog at sans.org
> Subject: RE: [unisog] Suggestions for bridging firewall?
> We use a Cisco PIX 515E for a very similar purpose. With
> Cisco's educational discount pricing, they were very
> price-competitive with the smaller offerings like SonicWall.
> And you don't have to worry about Cisco dropping off the face
> of earth (well, not much, anyway).
> I've used Checkpoint 4.0 on various platforms in the past,
> and found the UI to be vastly superior to Cisco's latest
> web-based one. Other than that, I have no complaints about
> the PIX. It is a solid performer and quire reliable. Now that
> they base their rulesets on ACLs rather than 'conduits', it's
> much more intuitive for someone with Cisco IOS experience.
> Feel free to contact me directly with any questions.
> Curtis Kline
> Residential Network Coordinator
> University of California Santa Barbara
> 805.893.4016 Voice
> 805.893.4766 FAX
> + -----Original Message-----
> + From: Peter Ruprecht [mailto:ruprech at jilau1.Colorado.EDU]
> + Sent: Monday, October 28, 2002 8:25 AM
> + To: unisog at sans.org
> + Subject: [unisog] Suggestions for bridging firewall?
> + Hi,
> + We're looking for a (stateful) bridging firewall to sit on
> the 100Mb/s
> + connection between our department and the rest of campus, which is
> + also our link out to the open internet. Normally, our
> 15-min traffic
> + average on this connection is less than a few Mb/s, but
> + occasionally we'll
> + burst up to 60Mb or so. Does anyone have any recommendations for
> + solid, easy-to-use products?
> + I have played around with a Linux box and iptables, but maybe a
> + commercial appliance would be easier to use and more
> feature-ful. Any
> + insight would be greatly appreciated!
> + Thanks,
> + Pete
> + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> + - - - - -
> + Peter Ruprecht
> + Computing Group, JILA, Rm S220 phone: (303) 492-8255
> + University of Colorado-Boulder fax: (303) 492-5235
> + 440 UCB email:
> + Peter.Ruprecht at jila.colorado.edu
> + Boulder, CO 80309-0440 http://jilawww.colorado.edu/~ruprech
More information about the unisog