Re: [fw-wiz] Content Switch as security device?
From: Gary Flynn (flynngn@jmu.edu)
Date: 01/30/03
- Next message: Steve Evans: "[fw-wiz] Checkpoint Securemote"
- Previous message: W.C. Epperson: "[fw-wiz] Re: Acquisition of time"
- In reply to: Dave Mitchell: "Re: [fw-wiz] Content Switch as security device?"
- Next in thread: Duncan Sharp: "Re: [fw-wiz] Content Switch as security device?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Gary Flynn <flynngn@jmu.edu> To: Dave Mitchell <dmitchell@viawest.net> Date: Thu Jan 30 09:41:26 2003
Dave Mitchell wrote:
> Michel,
>
> Depending on the type of switch, you might not even have an ASIC that can perform
> under a DDOS or other type of attack.
This also may be true of a firewall.
> Content switches only balance traffic based on source
> and dest IP/port, and uses a load balancing algorithm to point it at your particular farm
> or server. It does not perform any other packet inspection to prevent mailicious traffic
> like a SYN attack, replay, or any other you can think of.
The Cisco boxes also inspect URLs. They also advertise that
they protect from denial of service attacks. Of course, they
also advertise that they can load balance across firewalls. :)
Functionality is merging in firewalls, IDS, IDP, content
switch, etc. to prevent this:
Inet->anti-DDOS->firewall->anti-virus->IDS/IDP->loadbalance->SSL->content->systems
I suspect there may be applications where a "content
switch" with security features is a better fit for the
organization than certain types of firewalls.
-- Gary Flynn Security Engineer - Technical Services James Madison University
- Next message: Steve Evans: "[fw-wiz] Checkpoint Securemote"
- Previous message: W.C. Epperson: "[fw-wiz] Re: Acquisition of time"
- In reply to: Dave Mitchell: "Re: [fw-wiz] Content Switch as security device?"
- Next in thread: Duncan Sharp: "Re: [fw-wiz] Content Switch as security device?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
