What is the objective of "winning"? Is he just going to throw a pen test at it? Do you get multiple runs of this pentest? Is there an attempt to overwhelm the firewall with legitimate traffic to measure maximum load?<br>
<br><div class="gmail_quote">On Fri, Jun 15, 2012 at 9:46 AM, Josh Rivel <span dir="ltr"><<a href="mailto:josh@rivels.org" target="_blank">josh@rivels.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
So after badgering my manager nonstop about how great OpenBSD with pf<br>
is, he's letting me do a "bakeoff" of two identical boxes - one will<br>
be running OpenBSD 5.1 w/pf, and the other a popular commercial<br>
firewall software.<br>
I probably will not be starting this project until first week in July,<br>
but wanted to get some tips (feel free to contact me off list if you<br>
don't think it's appropriate) of any custom tuning or deployment tips<br>
and tricks for enterprise wide OpenBSD/pf deployments, management of<br>
the policies, etc.<br>
I really want OpenBSD to win :)<br>
Thanks in advance.<br>
Josh<br>
_______________________________________________<br>
talk mailing list<br>
<a href="mailto:talk@lists.nycbug.org">talk@lists.nycbug.org</a><br>
<a href="http://lists.nycbug.org/mailman/listinfo/talk" target="_blank">http://lists.nycbug.org/mailman/listinfo/talk</a><br>
</blockquote></div><br>