2007/02/07

A story about firewall

This is a true story.

A large corporation in Hong Kong is using Checkpoint Firewall on Windows 2000 Server as a software firewall. My first thinking is that Windows 2000 Server is not a hardened server OS. How could one rely on a non-hardened server OS to build a mission critical application on top of it. The second thinking I have is that patches for Windows OS are released as frequent as several times a month. When patches are added, the server has to be stopped and re-started. Testing would be followed to check if the added patches will create new problem. The third bad thing is that Windows Server requires periodic reboot, unlike Unix or Linux which do not require re-boot after running for two to three years. This results in some loss of availability. Having said that, I could not imagine how this application can offer 24 x 7 x 365 non-stop service.

No comments: