[ale] Firewall discussion...hardware horsepower?

Geoffrey esoteric at 3times25.net
Sun Jul 4 22:53:47 EDT 2004


Chris Woodfield wrote:
> As an adjunct to the firewall discussion, I'm looking at upgrading 
> mine...I'm currently running a Via EDEN 500 based box which does strict 
> packet filtering and connection tracking fine, but starts to have issues 
> when I turn on any sort of packet logging and/or IDS. I also would like 
> something I can rackmount in a 1U case.
> 
> Obviously I don't need a 3 GHz Pentium 4 and a gig of RAM for this; what 
> would be the minimum suggested system to use here? I'm basically looking 
> to run iptables in a one-to-one NAT config for some hosts and 
> one-to-many NAT for others, and do blocked packet logging, snort, and 
> some small servers (DHCP, SNMP for generating MRTG graphs, and possibly 
> a SOCKS proxypot as well).

Personal experience says you would want at least a P200 for 
nat/logging/snort minimum.  When you start talking all the other 
goodies, I'd step up to a PII 400, or something at least.  If you're 
going to be doing any substantial encrypted data transfer (ssh, ssl, 
vpns) I'd say your minimum then jumps to a PIII 600 or so.

-- 
Until later, Geoffrey                     Registered Linux User #108567
Building secure systems in spite of Microsoft


