Re: [Hampshire] Slightly OT - "Firewall Server"

Author: James Bensley
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] Slightly OT - "Firewall Server"
On 7 September 2011 18:30, Rob Malpass <linux@???> wrote:
> Hi all
>
> A simple question:  What is a firewall server?   I've not heard of this term
> before.
>
> Is it:
>
> a) A pretty low spec server that's not got much processing power beyond that
> required to run ipcop or something similar?
>
> b) Something else
>
> I anticipate it will have more than one NIC but if I was looking for a
> really low spec server (or a few of them of identical physical dimensions)
> as I am at the moment, what's to stop me buying [1]?


It can be A or B in some ways. Typically A; what you are referring to
are often low spec boxes (when compared to number crunching servers
for example) [1]. However, these days you can get boxes with so much
functionality, the only thing they don't do is the dishes; so they can
be "something else". It depends if by A you mean just basic ACL rule
checking or firewalls with integrated IDS, IDP, DPI, ACLs, VPN
termination, HTTP(S)/SMTP/IMAP/POP filtering, instant messaging
monitoring/filtering (the list goes on)...

If you want to roll your own, and you're new to this, check out
pfSense 2; it's a customised BSD install with a WebGUI through which
you manage everything [2].




[1] There are high spec firewalls as well with ASIC etc. Depending on
the set up, high volume firewalls have to monitor thousands of
concurrent flows, each for thousands of possible pattern matches,
without hindering the throughput.

[2] http://www.pfsense.org/

--
James.
http://www.jamesbensley.co.cc/