RE: [fw-wiz] Firewalls Compared

• Previous message: Alex Bihlmaier: "Re: [fw-wiz] Sun/Solaris Checkpoint FW-1 Question"
• Maybe in reply to: kashif: "[fw-wiz] Firewalls Compared"
• Next in thread: Marcus J. Ranum: "Re: [fw-wiz] Firewalls Compared"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <ark@eltex.net>
Date: Sun, 27 Jun 2004 10:57:01 -0400

NuqneH,

Thanks for the feedback...it's something I'll keep in mind for future
articles and I really value your constructive comments.

One thing to know is that each of the ZDNet articles were supposed to be no
longer than 600 words. It's hard to get very much in depth in such a short
piece so I really could only touch on things at a high level. I agree that
logging was mentioned too briefly...which is why at a later point in time I
wrote a column called "Read Your Firewall Logs!" which you can find via
Google. The content length for the Jupiter Media article is 1500 words which
is why it is longer. It's often a requirement that you keep your article
within a certain number of words so you may have only a limited amount of
space to get to the point. Maybe at some point I can write an article on the
advantages and disadvantages of "order independent rule checking."

Laura

-----Original Message-----
From: ArkanoiD [mailto:ark@eltex.net]
Sent: Sunday, June 27, 2004 4:31 AM
To: Laura Taylor
Cc: firewall-wizards@honor.icsalabs.com
Subject: Re: [fw-wiz] Firewalls Compared

nuqneH,

I've found that articles
are written from "packet filter" point of view, paying almost no
attention to application protocol support and advanced features besides
virus scanning, thus it appears
like it does not mattter if firewall can enforce application security
policy with proper granularity. And - again - no difference for
protecting servers vs protecting workstations.

"order-independant rule checking" is more than questonable feature,
there are "first match" and "last match" rulesets and i think it's much
better to keep it clear witch method is used rather than utilize some
wicked AI to decide ;-)

Logging/reporting capabilities are mentioned too briefly, though it is most
important thing to know what happens on the firewall (you cannot just
read whole daily syslog every morning ;-)

On Sat, Jun 26, 2004 at 09:06:17AM -0400, Laura Taylor wrote:
>
> I would have responded sooner but I was under some tight deadlines to get
> some work done....
>
> I wrote some articles on how to buy a firewall a few years ago. They are a
> little dated in that there are some new features and functionality that
> exists on leading products today, that did not exist when I wrote these
> articles. However, many of the basic principles still exist, and some of
the
> tips might at least help you get going in selecting a firewall.
>
> Firewall Shopping 101
> http://www.intranetjournal.com/articles/200202/se_02_13_02a.html
> February 13, 2002
>
> Select the Right Firweall: Part 1
>
http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2694089,00.html
> March 8, 2001
>
> Select the Right Firewall: Part 2
>
http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2700852,00.html
> March 25, 2001
>
> If you decide to read these articles, let me know if you find any
mistakes.
> I might not have had enough cups of coffee when I wrote them and if I
write
> any new articles on this topic, I am always open to suggestions for
> improvements.
>
> In my not so copious freetime, I am working on a dynamic spread*** that
> mathematically tabulates firewall decision-making and selection by
> components. However, being a single Mom with a full-time job doesn't leave
> me much time to do the fun stuff so it will be awhile before this is
> anywhere near finished....
>
> Laura Taylor
> Relevant Technologies, Inc.
> www.relevanttechnologies.com
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
> email protected and scanned by AdvascanTM - keeping email useful -
www.advascan.com
>
>
>

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Alex Bihlmaier: "Re: [fw-wiz] Sun/Solaris Checkpoint FW-1 Question"
• Maybe in reply to: kashif: "[fw-wiz] Firewalls Compared"
• Next in thread: Marcus J. Ranum: "Re: [fw-wiz] Firewalls Compared"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]