March 26, 2001, 1:19 PM —
The idea is simple -- let's get some custom hardware and software, put them into one easy-to-install "black box" and write some software to manage the beast. The end user doesn't need to know what OS is inside, or how to install and configure the software. This approach can be useful -- you can install this kind of firewall in minutes and not worry about playing with installation, reading boring manuals, and so on. The hardware is customized for the software and the software is polished for the hardware. The only problem is that you don't really know how it works -- but intruders probably don't, either.
Most hardware firewall appliances are ordinary server machines with a preinstalled and preconfigured software firewall. WatchGuard Firebox II, manufactured by WatchGuard Technologies, follows a different approach. For Firebox II, WatchGuard designed completely new hardware from the ground up to ensure better performance.
It must be some kind of perversion that open source software, namely Linux, was used to build a completely proprietary "black box" solution. This can be a problem if you want to hack around with the Firebox II software. On the other hand, if you want to do that, you bought the wrong product in the first place.