RE: [fw-wiz] Multiple firewalls from different manufactureres

From: Eugene Kuznetsov (
Date: 01/28/05

  • Next message: Adam Shostack: "Re: [fw-wiz] Application-level Attacks"
    To: "'Keith A. Glass'" <>, "'Joseph S D Yao'" <>, "'Marcus J. Ranum'" <>
    Date: Fri, 28 Jan 2005 14:35:18 -0500

    > Of Keith A. Glass

    > Yes and no. You CAN put up a decent firewalling solution
    > using commodity computers, especially the 1-U units (Dell
    > 1700-series, HP Proliant DL360s, etc. . ) and either Linux,
    > Solaris (now that it's free) or some flavor of BSD, and the
    > firewall of your choice. I just wish some of the vendors
    > would allow their FW solution to be available outside the
    > "appliance" vehicle (Yes, I'm talking about Symantec and
    > Secure Computing. . .)

    Hmm, this is pretty interesting, because it's contrary to what I hear
    elsewhere. Could you talk about why you would rather get software instead of
    a sealed appliance -- ignoring, for the time being, the cases where the
    appliance includes hardware acceleration for some aspects of security
    processing. Is it perceived cost? Desire to reuse old hardware? Even for
    Checkpoint, over 50% of the business is appliance-based, maybe more now.

    Now, granted, if what you're getting from the vendor is the dreaded "server
    appliance" -- the same Dell 1U server with RedHat & some custom software
    preinstalled -- it probably doesn't matter.

    \\ Eugene Kuznetsov, Chairman & CTO :
    \\ DataPower Technology, Inc. : Web Services security
    \\ : XML-aware networks

    firewall-wizards mailing list

  • Next message: Adam Shostack: "Re: [fw-wiz] Application-level Attacks"