Dedicated Firewall vs. IP filtering (iptables, etc.) on each machine

Assume under 10 machines serving various functions.


Advantages and disadvantages to both setups.

Pros for dedicated firewall -
1 central place - rules etc., less chance to forget something on a machine
1 central place for all traffic to pass through - good for IDS, stats, etc.!


Cons
1 central place ... to fail!
Extra hardware/Cost!
Extra IP Addresses.


Any comment?