Re: [fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name

From: Paul D. Robertson (
Date: 08/12/02

From: "Paul D. Robertson" <>
To: Crispin Cowan <>
Date: Mon Aug 12 18:47:01 2002

On Mon, 12 Aug 2002, Crispin Cowan wrote:

> Is anyone besides me sick to death of hearing about "intrusion
> prevention" and "gateway intrusion detection" technologies? These are

Buzzword of the week stuff always frustrates me.

> devices that sit in-line between the Internet and your LAN, apply
> intrusion detection pattern matching rules to the content they see
> streaming in to your site, and block the stuff they deem to be "bad."
> The canonical example being the Inline SNORT (nee Hogwash) open source
> project.
> To me, this is a firewall. It is sitting in exactly the same place in
> the network topology, performing the same function. It is using new
> kinds of rules to distinguish "good" traffic from "bad", but it is
> none-the-less a firewall.

I look at is as a signature-based firewall rather than a policy-based

> "Signature Firewall" or something. But lets dispose of "intrusion
> prevention" in the tired hype bit bucket.

It's all that product differentiation stuff- how the heck are you gonna
get capital as a firewall vendor since the space is so well-carved out?

Paul D. Robertson "My statements in this message are personal opinions which may have no basis whatsoever in fact." Director of Risk Assessment TruSecure Corporation

Relevant Pages

  • Re: [fw-wiz] Question about setting up PIX firewall
    ... > I would strongly disagree Paul. ... firewall there ... > amount of access while the user is connected to the vpn. ... But if you could find a client *and* compromise it, ...
  • Re: how to share internet connection in fedora
    ... Dear Paul, the first answer stile "if you don´t really tell us WHAT you need, we cannot provide you any kind of solution" was and is perfectly acceptable. ... > there is a basic firewall configuration utility in the distro. ... >> can u plz explain me how to share internet connection in fedora os ... > the machinations of the wicked." ...
  • Re: redirection on network
    ... Paul T. ... I guess this is a question for the XP-firewall people. ... CE can access the XP box with no firewall and can access w2003s and vista ...
  • Re: Microsoft has just released a public beta of Microsoft ActiveSync 4.2
    ... Paul T. ... I've got a Windows Mobile 2003 device sitting on the ... same PC that works perfectly and yet the new architecture which uses ... disabling of firewall settings or disabling the firewall. ...