Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux on Nokia IP Series Hardware

Posted by timothy on from the but-it-wasn't-designed-for-that dept.

Anonymous Coward writes "Michael Rash has written a howto for the Linux Journal on getting Linux to run on a Nokia IP 330. Now we can use a free firewall on a platform normally designed to run Check Point Firewall-1. In these troubling times where IT departments all across the landscape are trying to reduce costs, this will allow companies to say 'No' to expensive support contracts and upgrade costs and still maintain security without having to buy new hardware."

2 of 138 comments (clear)

  1. Re:IPSO is More than Security by convolvatron · · Score: 5, Informative

    actually no. i was in the group that did the kernel work for ipso. it has a custom ip forwarding path and forwarding table machinery. the routing is done using a largely rewritten version of...gated

    these three things and the management system make ipso a good software routing platform.

    which doesn't really offset the cost of what is a pretty sluggish pc

  2. The poster must be joking... by Gruturo · · Score: 4, Informative

    Fist of all, the Nokia firewall appliances already run a stripped-down and hardened *nix (freeBSD-derivative) so this is not exactly new. People have been replacing it with a home brewed distro for a while, for the fun of it.

    Second you'd be crazy to ditch Checkpoint FW1 for iptables. I run a few FW1's at work, and have Linux+iptables at home, but I'd never exchange the two. Try to create a distributed, system-wide network policy with 5 clustered (stateful failover capable) enforcement points, some of which doing CVP-based email antivirus on the fly and tell me how easy it is with Iptables. And, get it to NAT Oracle sqlnet v2 sessions when someone decided not to run it on port 1521 "for added security" (aargh).

    Third, don't *have* to pay for yearly support contract, but usually you *want* to. You have an initial cost depending on the FW1 license (50-node, 250-node or unlimited) and then you keep paying for two things called support and accountability, which matter a lot in the business sector. And that's exacly why Linux, to really flourish in the business sector, at the moment has more need of companies professionally supporting it (for $$$) than developers.

    Don't get me wrong, I am a loyal, happy, avid Linux supporter and make my living out of it. I love Slackware and have come to rely on it like I could do with nothing else, but from the AC's comment it looks like he really got it totally wrong and never wondered *why* someone should pay for a professional product.

    --

    Vacuum cleaners suck. Kings rule.