|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] choice bw nt or linux
I agree the Nokia boxes kick serious rear-end AND offer much more from a feature set. The only point I wanted to make was that for it's "freshman" season Linux is making some noise... Apple-to-Apple comparison is extremely valid, however if Linux supports SMP accross the board and BSDI doesn't that would be a feature in my mind...and I do believe that is the only reason that Nokia doesn't support the config you mention below. Additionally the point about bang for the buck is applicable, a Nokia box is EXTREMELY expensive, and if an organization wanted a box like this ONLY for VPN connectivity, I'd gladly sell them a Linux solution with Crypto card possibly multpile processor ove the Nokia. Things like this require an extyensive evaluation of the customer's business needs. For example..consider the following: Customer "A" wants a border firewall to handle outbound traffic, 2 PHYSICAL DMZ's and route sharing via BGP to their ISPs for 1 of the DMZ's, then I would definitely recommend the NOKIA, if for no other reason then its ability to handle and accept BGP protocol requirements. It's ability to provide a large number of interfaces and the inherent ability to be configured in a redundant pair help support that decision. This kind of need justifies the large dollars for this solution and NOTHING can handle this as well as the NOKIA platform. However, Customer "B" wants to run 200 concurrent VPN sessions for dial-up/telecommuters and possibly a development DMZ leveraging the same architecture...I would lean toward a hardened linux solution. It is considerably less expensive and even as a freshman could handle this type of functionality pretty well. So, in summary, I suppose I should have gathered additional information about the original question which was... comparing Linux to NT... What is the particular application, need, business requirements etc...I suppose I just jumped on the opportunity to say that Linux kicks NT's butt pretty much across the board when Checkpoint is involved... CT Firewall Admin wrote: > But if you compared apples to apples and had a Nokia box with dual Xeon > processors it would most likely kick Linux's butt. The performance figures > on CPs web site show the IP650 with SINGLE PIII 700 and 256MB pushing > 240Mbps. > > Just my two pence worth. > > ----- Original Message ----- > From: "Chris Trudeau" <[email protected]> > To: "Brett Lymn" <[email protected]> > Cc: <[email protected]> > Sent: Tuesday, September 05, 2000 12:19 PM > Subject: Re: [FW1] choice bw nt or linux > > > > > As I was then... > > > > I did not actually SEE the results, although I would very much like to be > involved > > in the benchmarking of the different solutions. I definitively HAVE seen > postings > > and otherwise indicating that a comparable Solaris Solution (processor > etc) was > > used int he test and was beaten by some crazy percentage... > > > > Nokia boxes were also tested in the same benchmark and were also beaten. > I can > > easily go out and find a redundant power supply 19" rack mountable Intel > based > > hardware solution for about $4500, install RH 6.X and Checkpoint on the > box and it > > will beat an Existing Nokia platform in most tests... > > > > I agree that the Linux Stack has a way to go to be as efficient, but $4500 > for a > > linux solution which does in fact SMOKE a $30,000 Nokia solution is a nice > price > > point for a lot of people. > > > > The point I suppose I SHOULD have made is the "bang-for-the-buck" one. > The linux > > solution far and away provides more bang for the buck than ANY of the > other > > solutions. > > > > CT > > > > Brett Lymn wrote: > > > > > According to Chris Trudeau: > > > > > > > > > > > >and IMHO the reports I hear is that a tuned linux kernel running > Checkpoi= > > > >nt SMOKES > > > >the competition, including Nokia, and ANYTHIN on NT... > > > > > > Uhhhh ``I doubt it'' the processor in the linux box used in the > > > testing may have been a lot faster than the processor in the Nokia > > > giving you an inflated figure. The linux tcp/ip stack still has a way > > > to go in terms of performance, I am reasonably certain that it beats > > > the NT implementation but as for beating the BSD IP stack... I think > not. > > > > > > >May be spoiled, but= > > > > routing > > > >issues are normally easier to troublshoot as is remote management of > the = > > > >OS and many > > > >other factors when one uses a linux or *nix mased solution. > > > > > > > > > > secure, remote access is something the *nix solutions do do better > > > than NT. > > > > > > >And in this case it is supposedly so much faster too... > > > > > > > > > > I would crank up the salt mine on that one. > > > > > > -- > > > > ============================================================================ > === > > > Brett Lymn, Computer Systems Administrator, BAE SYSTEMS > > > > ============================================================================ > === > > > > > > > > > ============================================================================ > ==== > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > > ============================================================================ > ==== > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
