Windows, however, isn’t the fastest NOS platform, mainly because of the overhead required to maintain the graphical interface; thus, firewalls running on it aren’t the fastest. To address this issue, some firewall vendors are adding hardware accelerator cards to increase firewall throughput. Microsoft is advancing the line of Windows servers to utilize more than a dozen CPUs and gigabytes of memory in one box so that performance can be increased to much higher levels. These new features will make Windows NT much faster and thus more effective as a firewall platform. With the advent of Windows 2000 servers, high-end throughput speeds are possible.

The Black Box

A black box firewall implementation is your fourth choice. You do not know what operating system is inside the box, but it is definitely not Windows. It might be a special implementation of Unix or a completely proprietary system. These implementations tend to have the fastest throughput because they are designed specifically as firewalls, rather than as file and print network operating systems that run firewall software. Cisco’s PIX Firewall is an example of a proprietary black box system.

The major feature of a black box firewall is simplicity. You don’t have to worry about extraneous features such as file or print services. The box is only a firewall, not a server and a firewall.

Ease of use is not, however, a feature of a black box, which often lacks a screen or an input device. The administrator must rely on connecting to the black box using an external keyboard or terminal to change firewall configuration data. This is not typically a problem with firewalls that don’t require significant configuration (as in simpler network implementations). In such cases, once the firewall is configured, you can pretty much leave it alone.

