Re: [fw-wiz] Application Intelligent vs ALG

From: Tony Miedaner (
Date: 06/23/03

  • Next message: Dave Rinker: "Re: [fw-wiz] PIX Failover Questions"
    To: Frederick M Avolio <>,,
    Date: Mon, 23 Jun 2003 17:41:35 -0400

    Several years ago I asked the question of what and everything that CP kept
    state on and got up the ladder to some engineer in New York. They told me
    it was proprietary.

    At 09:18 AM 6/23/2003 -0400, Frederick M Avolio wrote:
    >A fancy proxy.
    >Three different people from Check Point wrote me in response to a recent
    >column of mine, basically asking me if I had heard of this new feature.
    >I replied with a brief history. In short: Firewall-1 comes on the scene,
    >most FW1 users implement it with modules from the TIS FWTK (for adding
    >user authentication to FTP and TELNET), Check Point's marketing says
    >proxies are old technology, stateful inspection is the next generation of
    >firewall technology (before the term became a product name), people
    >persisted in using proxies, CP added "security servers" (proxies by
    >another name), and now this.
    >I asked them, how is this different from application gateways (security
    >proxies). I applaud the addition of them (like there are other hybrid
    >firewalls). But none of the three folks from CP replied to me.
    >I have no agenda, except the truth. (Boy, is this guy noble, or what? :-))
    >I'd like to know the answer to this: How this is different than
    >application gateways (if it is), and why is it better than Sidewinder,
    >Firebox, Raptor, et al.
    >Avolio Consulting, Inc.
    >16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US
    >+1 410-309-6910 (voice) +1 410-309-6911 (fax)
    >PGP Key Fingerprint: 928D 0903 934F 8CFA 6124
    > BBF6 0B45 93C7 3521 CEA0
    >firewall-wizards mailing list

    firewall-wizards mailing list

  • Next message: Dave Rinker: "Re: [fw-wiz] PIX Failover Questions"