Quote:
personally, i was against this idea of setting up a machine with OS as a firewall. i wanted a dedicated firewall device (symantec,watchguard,cisco) but i got out voted by other IT guys. it mainly came down to money. their case was that for the price of 1 FW device, they can get 3 BDS FW's and cover 3 of our sites.
Please note that even the so-called hardware firewalls run some sort of OS. For PIX it's IOS, a Checkpoint can run on IPSO (nokia hardware), NT/W2K (intel hardware) and a few others. Just like any other system you'll need to keep the OS (and the rest of the software) up2date.