flyingferret 0 #26 October 10, 2003 A CCIE recommending a netscreen? I have seen it all.-- All the flaming and trolls of wreck dot with a pretty GUI. Quote Share this post Link to post Share on other sites
lummy 4 #27 October 10, 2003 Quoteand iptables and whatever breed of BSD and ipfilter. Both good solutions although in the case of Linux choose your distro carefully - some are bloated beyond belief. Done a few of these using FreeBSD and Ipfilter. Definitely a learning curve involved but a helluva lot cheaper. Course these were small offices / home thoI promise not to TP Davis under canopy.. I promise not to TP Davis under canopy.. eat sushi, get smoochieTTK#1 Quote Share this post Link to post Share on other sites
ryoder 1,590 #28 October 10, 2003 QuotePIX software has gotten way too bloated and convoluted in the past few releases, and we've seen all kinds of wacky problems with the configurations. I'd recommend the Netscreen firewalls; they're much easier to configure and perform very well. CCIE#2006 I agree: 1. NetScreen 2. PIX Avoid Gauntlet & CheckPoint like the plague. PIX is still playing catchup with NetScreen. e.g. only a few months ago PIX FINALLY added 802.1q!"There are only three things of value: younger women, faster airplanes, and bigger crocodiles" - Arthur Jones. Quote Share this post Link to post Share on other sites
PhreeZone 20 #29 October 10, 2003 Actually.. 802.1q was in PIX last year. I know, I had a major issue involving it at the time that required it. It was'nt well documented till about 1st quater of this year.Yesterday is history And tomorrow is a mystery Parachutemanuals.com Quote Share this post Link to post Share on other sites
rmsmith 1 #30 October 10, 2003 I use a Netscreen 5XP hardware firewall appliance at home on an unthrottled fibre optic connection using a 3DES-VPN scheme, and I get consistent 700-kb/s+ throughput. Quote Share this post Link to post Share on other sites
