Firewall Wizards mailing list archives

Re: Firewall Throughput

From: jan () nil si
Date: Thu, 14 Sep 2000 18:23:14 +0200

From everything I've heard, the PIX (and the NetRanger) are
based on a stripped down version of Solaris x86.  Therefore,
Cisco has definitely crossed the line in claiming that PIX is
not based on a Unix system.


Just to put an end to this whole discussion, here are some facts ;)))

1. PIX runs an operating system called Finesse, which is small, multithreaded,
    and not UNIX-like, at least in user-space; a Finesse user can configure the
firewalling
    subsystem, view the process table, view some system stats, upgrade the
system,
    an not much else in userland.

    In my opinion, it would be close to QNX/VXworks, if you had to compare it
with anything
    (and I am guessing here).

2. NetRanger (oops, the Cisco Secure Intrusion Detection System) sensors do
    run on a hardened && stripped Solaris x86 - without an IP address on the
    untrusted interface :)

Cheers,
Jan

Jan Bervar
Specialist za podatkovne komunikacije, CCIE #2527
Consulting Engineer
NIL Data Communications,  Einspielerjeva 6,  1000 Ljubljana,  Slovenia
Phone +386 1 4746 500       Fax +386 1 4746 501      http://www.NIL.si



_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards

Current thread:

Re: Firewall Throughput, (continued)
- - Re: Firewall Throughput Patrick Darden (Sep 06)
- Re: Firewall Throughput Andy W (Sep 06)
- Re: Firewall Throughput bsgupta (Sep 07)
  - RE: Firewall Throughput Robert Purdy (Sep 08)
- RE: Firewall Throughput Mills, Craig (Sep 12)
- Re: Firewall Throughput Chris Calabrese (Sep 12)
- RE: Firewall Throughput Ben Nagy (Sep 12)
- RE: Firewall Throughput Ben Nagy (Sep 12)
- Re: Firewall Throughput Chris Calabrese (Sep 13)
- RE: Firewall Throughput LeGrow, Matt (Sep 14)
- Re: Firewall Throughput jan (Sep 16)