Commercial firewalls are pricey pieces of hardware, even without the cost of "support" (which usually includes little more than irregular software updates). Moreover, the security track record of these firewalls varies from vendor to vendor. Is it possible to do better with open source? Radek 'blufor' Slavicinsky'll answer this question by looking at the following:
- Hardware selection
- Network segmentation
- Designing firewall rules for efficiency
- High-availability pairing for HW
- Automating routine changes
- Overall system security
- Performance on 10G networks