Firewall backup system

I have a SparcStation 5 with an Axent Raptor Firewall.  I am very happy with it but would like to have a backup for this.  I have the choices of another Sun box or getting a LINUX box.  Of course if the LINUX box has sufficient firewall capabilities, I would go with that - but I am still a little wary of that OS at this time.  So basically, I am looking for an opinion.  Also, I have worked with SGI's a lot and would like an opinion of how they stack up against similar SUN systems.
Who is Participating?
kadokevConnect With a Mentor Commented:
The price of a SparcStation 5 is becoming very affordable, I would suggest that as a backup in case the primary firewall fails, you would be best served by purchasing another SparcStation 5 and configuring it to be identical to the original, keeping the configuration in sync with the main firewall.

Compared to SGI or PC systems, Sparc hardware is very reliable, I would be wary of the IRIX or Linux operating system for a firewall.

FYI, we (actually, Mike Frantzen) just found a bug in Axent Raptor that allows anybody anywhere to crash your firewall with just one packet. Axent will be releasing a patch ASAP.

The best protection against bugs in the firewall code itself is to have a packet filtering router in front of the firewall, blocking all unusual packets (ICMP, IP options, etc). We (Mike Frantzen and others at MSG.Net) have found remotely exploitable Denial Of Service (DOS) bugs in every firewall except for the Cisco PIX.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.