Depends on many aspects; performance, management, and logging features. I personally recommend Checkpoint FW-1 Express for a smaller site if you want easy configuration and a great logging interface; though the pricing may not be what you are looking for. Cisco PIX is also great but the management and logging aspects in my opinion are not up to par with Checkpoint on the lower price end (i.e. Without investment in other management tools). It goes back to what you and anyone supporting the platform will be comfortable with. Chris Burton Network Engineer Walt Disney Internet Group: Network Services The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact Walt Disney Internet Group at 206-664-4000. -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Nicole Sent: Tuesday, March 16, 2004 2:27 PM To: nanog@nanog.org Subject: Firewall opinions wanted please Hi I am looking for a good but reasonably priced firewall for a 40 or so server site. Some people swear by Pix, others swear at it a lot. Also I have heard good things about Netscreen. Or any others you would recommend for protecting servers on a busy network. Don't really need anything with VPN just the standard http, ftp, ssh, https, type traffic up to 100mb throughput. From what I have heard a proxy firewall would be best? Thanks in advance!! Nicole -- |\ __ /| (`\ | o_o |__ ) ) // \\ - nmh@daemontech.com - Powered by FreeBSD - ------------------------------------------------------ " Daemons" will now be known as "spiritual guides" -Politically Correct UNIX Page