Re: [fw-wiz] Comparisons between Router ACLs and Firewalls
From: David Pick (d.m.pick_at_qmul.ac.uk)
Date: 01/02/04
- Previous message: Don Parker: "Re: [fw-wiz] port 27015"
- In reply to: sd2mcleo_at_engmail.uwaterloo.ca: "[fw-wiz] Comparisons between Router ACLs and Firewalls"
- Next in thread: Bill James: "RE: [fw-wiz] Comparisons between Router ACLs and Firewalls"
- Reply: Bill James: "RE: [fw-wiz] Comparisons between Router ACLs and Firewalls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: sd2mcleo@engmail.uwaterloo.ca Date: Thu, 01 Jan 2004 23:16:48 +0000
There are several different "firewall" technologies that work
at different layers in the protocol stack. One of these is
"packet filtering" and router ACLs are just one particular
implementation of this general technique. They are, in the
real world, an important implementation because there are
usually more routers than there are firewalls in a network
and using this allows more conotrol points to be used and also
allow for more depth to your defences.
In the network I control at my place of work we're replacing
Cisco routers by PCs running FreeBSD and IPFilter so that we
can have better controls at more levels in the protocol stack
than is provided by simple ACLs.
-- David Pick _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Don Parker: "Re: [fw-wiz] port 27015"
- In reply to: sd2mcleo_at_engmail.uwaterloo.ca: "[fw-wiz] Comparisons between Router ACLs and Firewalls"
- Next in thread: Bill James: "RE: [fw-wiz] Comparisons between Router ACLs and Firewalls"
- Reply: Bill James: "RE: [fw-wiz] Comparisons between Router ACLs and Firewalls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
