RE: [fw-wiz] Multiple firewalls from different manufactureres

From: Eugene Kuznetsov (eugene_at_datapower.com)
Date: 01/28/05

  • Next message: Adam Shostack: "Re: [fw-wiz] Application-level Attacks"
    To: "'Keith A. Glass'" <salgak@speakeasy.net>, "'Joseph S D Yao'" <jsdy@center.osis.gov>, "'Marcus J. Ranum'" <mjr@ranum.com>
    Date: Fri, 28 Jan 2005 14:35:18 -0500
    
    

    > Of Keith A. Glass

    > Yes and no. You CAN put up a decent firewalling solution
    > using commodity computers, especially the 1-U units (Dell
    > 1700-series, HP Proliant DL360s, etc. . ) and either Linux,
    > Solaris (now that it's free) or some flavor of BSD, and the
    > firewall of your choice. I just wish some of the vendors
    > would allow their FW solution to be available outside the
    > "appliance" vehicle (Yes, I'm talking about Symantec and
    > Secure Computing. . .)

    Hmm, this is pretty interesting, because it's contrary to what I hear
    elsewhere. Could you talk about why you would rather get software instead of
    a sealed appliance -- ignoring, for the time being, the cases where the
    appliance includes hardware acceleration for some aspects of security
    processing. Is it perceived cost? Desire to reuse old hardware? Even for
    Checkpoint, over 50% of the business is appliance-based, maybe more now.

    Now, granted, if what you're getting from the vendor is the dreaded "server
    appliance" -- the same Dell 1U server with RedHat & some custom software
    preinstalled -- it probably doesn't matter.

    \\ Eugene Kuznetsov, Chairman & CTO : eugene@datapower.com
    \\ DataPower Technology, Inc. : Web Services security
    \\ http://www.datapower.com : XML-aware networks

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Adam Shostack: "Re: [fw-wiz] Application-level Attacks"

    Relevant Pages

    • New install question
      ... In my experience it's best to have a separate firewall ... addition to your DSL router and your SBS server. ... SBS server itself. ... I'd recommend a netscreen XP Firewall appliance for a ...
      (microsoft.public.windows.server.sbs)
    • Re: Firewall Appliance Needed?
      ... a hardware firewall is used in front of your ISA server there are a number ... firewall appliance has arisen. ...
      (microsoft.public.windows.server.sbs)
    • scan inbound and outbound traffic
      ... Hi...there is single Exchange 2003 server in the domain, ... inbound and outbound traffic directly. ... I know that we could have the firewall to point the port 25 to ... the appliance to scan the inbound traffic. ...
      (microsoft.public.exchange.admin)
    • Re: AD Site Criteria and DFS
      ... server appliance in the "datacenter" and a remote appliance in the branch ... The appliance runs windows and to the users in the branch it looks ... like a windows file server. ... into the datacenter file servers. ...
      (microsoft.public.windows.server.active_directory)
    • Re: AD Site Criteria and DFS
      ... server appliance in the "datacenter" and a remote appliance in the branch ... like a windows file server. ... into the datacenter file servers. ... "Anthony" wrote: ...
      (microsoft.public.windows.server.active_directory)