IPSec Firewall/ Windows 2000 Server

Ai, for that matter all these firewalls are just Linux kernels using Netfilter and iptables.. if you have a Linux box lying around you can just throw in a couple of iptables rules..

be aware that its more involved than a nice point and click interface, but you do have GTK-iptables which is GUI.. and smoothwall, shorewall etc are all based round the kernels native packet filtering capabilities.

It truely sucks that Microsoft doesnt have something similar.. yes I know they have ICF which was a good half-baked step in the right direction.. I believe with XP-SP2 the ICF will be given real teeth.. I suppose they're planning to put the personal firewall companies out of business.

I dont know if I'm the only skeptic here, but somehow I don't like using Microsoft Security products.. sure ISA is a really nifty, pro-active, integrated, actualized, total solution, buzzword friendly product... I just wouldn't protect anything other than my box running and original copy of DOS 6.2 with it.


(a clue for the unenlightened, DOS doesn't come with a TCP/IP stack).

Hi

Yeah, I agree; it all goes in with Linux + IPTables. But a lot other things in consideration are how much its stripped down, hardened, kernel support etc etc.

Somebody, please ask for my preference. My full support goes to devil-linux, which I would say the best I have encountered. I will run everything behind it. Crackers welcome to break devil-linux firewall. I need a reboot and a change in the rule or small fix.

GUI? I like it especially with fwbuilder, because it eases out complex rules. Why should I worry about the underlying commands? All I need is a great firewall, and 'time does matter' in corporates. devil-linux comes 'out-of-the-box' with fwbuilder daemon on it. WoW!

Regarding Microsoft (M$) I reserve my comments this time.

Regards
Cheetah