Quoting Guenther Sommer (gue@rettung.at) on Thu, May 10, 2001 at 11:10:14AM +0200:
is suse-linux equipped with squid, free/swan, ... compareable (in security) with an commerical firewall like checkpoint, raptor, ...
yes, i know, the question is not very exactly, but i'd be interested in your humble opinion.
Sounds like flamebait ;-} Yes and no. Depends on what you use it for and who administers it. I claim for myself that I can set up a Linux based FW solution that is more secure that the average FW-1 setup. But that is mostly based on the incompetence of the average FW-1 admin who is forced to administer something of which he has no clue. If you would give the same admin a Linux based FW, it might be even more open as those people typically don't know their way around a commandline based system. Ovarall it depends on 1. Does the FW architecture support the means to implement the security policy? 2. Has it been set up properly? 3. Is it maintained properly by admins who have the necessary skills? 4. Is it monitored properly? 5. Is it audited by a third party regularely? Especially point 3 makes a huge difference. If a bug in open source software is found, a competent admin will have the right patches applied much faster than waiting for a closed source product. The rest is the same for commerical prducts and OSS solutions. cheers afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you!