Firewalls

Today I've come across another good reason to NOT use a Software firewall, but instead invest in a decent router with a Hardware firewall, or setup a Smoothie, Monowall or other box. NVidia have announced that their next generation chipset (based around the nForce 590) will have a TCP / IP Offload Engine. This means that a lot of the actual 'work' of a network connection (establishing the connection using Syn / Ack, etc) is all offloaded onto hardware - freeing your CPU from these thankless tasks. What does this mean? Faster network, less load on your CPU for boring tasks ... and ultimately better gameplay! (OR server performance. You choose.) What's this got to do with Firewalls? The way software firewalls work is by intercepting (and ignoring) Syn requests - not sending Acks in other words. These will not work with TCP Offloading.. Hmmm. I think I'll go see if any of the PCI network cards I have lying around have offload engines...

Comments are closed