Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: FunkyZero

Who do you have for service?


96 posted on 03/06/2007 5:56:34 PM PST by lmr (The answers to life don't involve complex solutions.)
[ Post Reply | Private Reply | To 59 | View Replies ]

To: lmr

I am on comcast.
However, I have to throw in some info for the masses to absorb. Good info if you are interested:
- Don't assume the cable modem (It's actually a combo router/protocol bridge technically) that comcast gave you is worthy of your needs.I've tried quite a few. I settled on the absolute fastest.. Arris. Yes, it makes a big difference... roughly 15% from best to worst. The worst being a couple of RCA units. The Motorola's weren't too bad, but still couldn't keep up with the Arris.
Secondly, if you are using a $35.00 netgear switch or hub that you picked up a best buy, this is another choke point. Although not huge gains,you will get better performance with higher end ethernet hardware. I personally run a cisco catalyst 3560. Even if you ebay an old Bay Networks or Nortel 450, you will see gains. you don't need gigabit, 10/100 is fine, jsut make it a quality SWITCH, not a hub. make sure your ports are running full duplex if you cable "modem" is capable. This is critical @ 10mb especially for performance and you can only manage these features with a manageable switch. Hubs do NOT do full duplex, they are not capable.
Are you wireless? another problem child. You won't get these kinds of speed on any wireless connection (well, ieee 802.11x wireless anyway). I am hard wired. There are far too many variablesto control with wireless to keep it reliably fast.

Lastly and most importantly, the firewall.
I have used and tested so many firewalls, I have lost count.
Likely, the best software based firewall I have ever tested with was GnatBox (www.gta.com). It requires a dedicated PC (Like an old Pentium 90 or something cheap) and boots from a single floppy. I don't know if they even produce it anymore. I've used several packaged Linux based firewalls. Smoothwall is another good one (and it's free), very fast, but not very configurable.
I have settled on a Cisco ASA5505. I used to run a Cisco PIX 501, and it was pretty mad fast also, but sadly, end of life and doesn't support the newest 7.X code from cisco.
I can tell you, I have marked the worst and best. The ASA gives me roughly 3X the throughput as a DLink DFL series firewall. Really, the difference in firewalls can be that drastic. The DLink is total garbage along with Linksys and Netgear. You really do get what you pay for in these specific units.
Another good appliance based firewall is the Netscreen. you can pick up an old Netscreen 5xP on ebay for around 50 buck. Most people can't figure out how to run the things, so you can get them reasonable. Not as fast as the ASA, but dang near, and a nice little firewall for the $.
If you are Ok with the 6.X cisco code, a PIX 501 is still a fantastic little firewall too... again, 150-200 bucks on ebay.
I don't run firewalls on my desktop, nor will I ever. They aren't good firewalls, they are buggy, and are a serious pain in the rump. If you are relying on one for your means of protection, well... good luck to you.


178 posted on 03/06/2007 7:25:05 PM PST by FunkyZero
[ Post Reply | Private Reply | To 96 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson