Re: [fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name

From: Paul D. Robertson (proberts@patriot.net)
Date: 08/12/02


From: "Paul D. Robertson" <proberts@patriot.net>
To: Crispin Cowan <crispin@wirex.com>
Date: Mon Aug 12 18:47:01 2002

On Mon, 12 Aug 2002, Crispin Cowan wrote:

> Is anyone besides me sick to death of hearing about "intrusion
> prevention" and "gateway intrusion detection" technologies? These are

Buzzword of the week stuff always frustrates me.

> devices that sit in-line between the Internet and your LAN, apply
> intrusion detection pattern matching rules to the content they see
> streaming in to your site, and block the stuff they deem to be "bad."
> The canonical example being the Inline SNORT (nee Hogwash) open source
> project.
>
> To me, this is a firewall. It is sitting in exactly the same place in
> the network topology, performing the same function. It is using new
> kinds of rules to distinguish "good" traffic from "bad", but it is
> none-the-less a firewall.

I look at is as a signature-based firewall rather than a policy-based
firewall.

> "Signature Firewall" or something. But lets dispose of "intrusion
> prevention" in the tired hype bit bucket.
>

It's all that product differentiation stuff- how the heck are you gonna
get capital as a firewall vendor since the space is so well-carved out?

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
proberts@patriot.net which may have no basis whatsoever in fact."
probertson@trusecure.com Director of Risk Assessment TruSecure Corporation



Relevant Pages

  • Re: [fw-wiz] Question about setting up PIX firewall
    ... > I would strongly disagree Paul. ... firewall there ... > amount of access while the user is connected to the vpn. ... But if you could find a client *and* compromise it, ...
    (Firewall-Wizards)
  • Re: how to share internet connection in fedora
    ... Dear Paul, the first answer stile "if you don´t really tell us WHAT you need, we cannot provide you any kind of solution" was and is perfectly acceptable. ... > there is a basic firewall configuration utility in the distro. ... >> can u plz explain me how to share internet connection in fedora os ... > the machinations of the wicked." ...
    (Fedora)
  • Re: redirection on network
    ... Paul T. ... I guess this is a question for the XP-firewall people. ... CE can access the XP box with no firewall and can access w2003s and vista ...
    (microsoft.public.windowsce.embedded)
  • Re: Microsoft has just released a public beta of Microsoft ActiveSync 4.2
    ... Paul T. ... I've got a Windows Mobile 2003 device sitting on the ... same PC that works perfectly and yet the new architecture which uses ... disabling of firewall settings or disabling the firewall. ...
    (microsoft.public.pocketpc.activesync)