Thursday, June 22, 2006

OpenBSD VPN Goodness

Well, OpenBSD keeps getting better and better as a firewall platform. First, pf, CARP and pfsync for failover or load-balanced firewall clusters, and now IPSec VPN failover. Sounds like it will be ready for the next release this fall. While this has been available as a feature in expensive, proprietary firewalls for some time (think Check Point), I don't know of any free-software implementation that offers this. Add to this OpenBSD's BGP and OSPF implementations, and you have a very nice, open redundant routing platform. Developments like this are a welcome relief to small businesses and others that have a hard time affording proprietary solutions, and I'm not just talking about the monetary costs. After all, you still need someone with a clue to install and support your firewalls, and those people don't come cheap. I'm really talking about the hidden costs - like vendor lock-in, license management and disturbingly bad support.

Technorati Tags: , , ,

No comments: