[ale] Cisco ACL's vs. Linux firewall?

[I. Herman]

First, lemme start off by saying I personally like the Linux firewall 
better (easier and cheaper).  Depending on the type of Router used (i'm 
presuming 3600 series?), it may be better to use the Cisco.  I am coming 
from seeing only Cisco in a real environment (aka outside of my home 
network).  Yes, both OS have holes, and security issues.  I know that 
Cisco's routers for firewalls are very strong, and you can get down to 
"anal" levels on Cisco routers.  I'm also not sure what protocols the Linux 
system has/has support for.  Cisco has support for BGP, RIP, EIGRP, IGRP, 
and some other routing protocols.  If I had the $$$, here's what I would do:

Here's what I would do (of course I am a "cherry")

Use the Linux box as the external firewall/BGP.  Connect that to a Cisco 
Catalyst switch and split areas off into VLANs.  Make one VLAN, the "DMZ", 
and use the other VLAN(s) for the labs, and separate parts of the lab, etc.

A beginners opinion, take it for what ya will - now you know why I don't do 
networking for a living :-P

Izzie


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.