comparison (on functionality) between open source and proprietary firewall solutions

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Hi all,

is anyone aware if there have been studies comparing open source firewall
solutions and closed solutions?

if there been been such studies, is there some general conclusion?

regards,
    Olivier


Re: comparison (on functionality) between open source and proprietary firewall solutions
Olivier Sessink wrote:
Quoted text here. Click to load it

What? Do you think that an open source solution is better than a
proprietary solution or a proprietary solution is better than an open
source solution?

They are just programs open source and proprietary that are written by
fallible Human Beings -- no more or no less.

IMHO, it comes down to who who is at the wheel configuring the
solutions. Does he or she have the expertise to use the solution is the
bottom line?

For an open source or proprietary host based software FW solution, does
the user know how to configure and secure the O/S platform the host
based FW solution is running on, along with having expertise in the FW
solution on how to configure it properly?

If you're talking personal FW(s), they don't fall into an Internet
gateway FW solution catagory. The top of the line host base Internet
gateway solution FW open source, proprietary or otherwise, should be
just about equal in their performance and capabilities in providing a FW
solution, IMHO.

I myself will go with a proprietary solution 99.9% of the time software
or otherwise in case I need to reach out and touch someone. That's just
me and others may take a different view on the matter.

Duane :)



Re: comparison (on functionality) between open source and proprietary firewall solutions
On Sun, 19 Mar 2006 06:39:04 +0000, Duane Arnold wrote:

Quoted text here. Click to load it

[..snip..]

I was hoping to find out. I'm talking about network firewalls b.t.w., not
host based firewalls. I agree with all of you that it depends on the
administrator, I also agree with all of you that it is all just software
written by humans.

In some places (public sector), however, there is a political demand for
open source products. I was wondering if there are certain techniques that
are worse/better implemented in open/closed products (or not at all). So
if you have the perfect administrator who knows everything, why then
choose juniper/cisco/checkpoint or why choose openbsd/linux ?

Does anyone know a report about this subject?

Olivier


Re: comparison (on functionality) between open source and proprietary firewall solutions
Olivier Sessink wrote:
Quoted text here. Click to load it

What political demand are you talking about? There is a consumer demand
and that's about it.

I was wondering if there are certain techniques that
Quoted text here. Click to load it

Any solution FW or otherwise is based on the needs or requirements for a
given solution by the user needing or using the solution.

The link may or may not help you.

http://www.more.net/technical/netserv/tcpip/firewalls /

Duane :)

Re: comparison (on functionality) between open source and proprietary firewall solutions

Quoted text here. Click to load it


I will say, that if you have the perfect administrator who knows everything
*and* has the time to keep up with all the new developments, you can achive
very nearly or even equal to the function of a commercial product.

That's a very big "if" however.

-Russ.



Re: comparison (on functionality) between open source and proprietary firewall solutions
Olivier Sessink wrote:

Quoted text here. Click to load it

the idiot configuring it decides the outcome.
E.

Re: comparison (on functionality) between open source and proprietary firewall solutions
lists@olivier.pk.wau.nl says...
Quoted text here. Click to load it

Look for "Certified" test results, that's all that matters. If the
product can't be certified then it's anyone's guess as to how secure it
can be.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: comparison (on functionality) between open source and proprietary firewall solutions

Quoted text here. Click to load it

Does anyone ever try to certify the open source solutions?

Just curious.

-Russ.



Re: comparison (on functionality) between open source and proprietary firewall solutions
somebody.@nospam.russdoucet.com says...
Quoted text here. Click to load it

I don't know.

The way I look at it is like this:

1) Certified solutions are a given, in most cases you can be sure that
you cand build a quality solution with few problems.

2) Certified solutions often, if you read the testing/revision history,
show a track record for vendors solutions.

3) Open Source solutions are mostly uncertified because of many factors
that Certified solutions don't contend with.

4) O/S solutions often are installed on many platforms and often have
more than the firewall installed - they often include helper
applications.

5) O/S solutions appear to offer some very nice solutions, but I can't
risk customers networks on uncertified solutions due to liability.

I would install an O/S solution in my home, in my own (personal) office,
but not for a client. If I could get a firm O/S platform/solution that
was certified, I would gladly test/install it.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: comparison (on functionality) between open source and proprietary firewall solutions
Leythos wrote:
Quoted text here. Click to load it

Astaro is a certified Linux solution. All the components are open-source
although the complete package is proprietary. Since they also sell
appliances (with the same operating system) the cert *may* only apply to
the appliance--I'm not sure about that.

--

Rod

Re: comparison (on functionality) between open source and proprietary firewall solutions
says...
Quoted text here. Click to load it

I've not seen where any solutions, where you build it yourself, are
certified, as there are too many variables. The vendor delivered
solutions can be certified, like ChechPoint solutions, but I've yet to
see a self build solution certified.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: comparison (on functionality) between open source and proprietary firewall solutions
Somebody. wrote:

Quoted text here. Click to load it
Yes, occasionally. The process that occurs in most govt's is an entity
defines a security level, then tests and certs what products in what
configuration are acceptable for use in that environment:
http://www.dsd.gov.au/infosec/evaluation_services/epl/epl.html
Products
http://www.dsd.gov.au/infosec/evaluation_services/epl/dap.html
Sod all (or none) OS products on that list. I am unaware how products
get nominated for testing in the first place. I assume the vendor
discusses it with the Govt rep during an all-expenses-paid 'seminar' in
Fiji or the Bahamas ;-)
E.

Re: comparison (on functionality) between open source and proprietary firewall solutions

Quoted text here. Click to load it
<snip>
Quoted text here. Click to load it


Thanks for the info and the smile.

-Russ.



Site Timeline