Re: [fw-wiz] Host based vs network firewall in datacenter

• Previous message: Mark Sargent: "[fw-wiz] Password Recovery IP330"
• In reply to: Rik Schneider: "RE: [fw-wiz] Host based vs network firewall in datacenter"
• Next in thread: Chuck Swiger: "Re: [fw-wiz] Host based vs network firewall in datacenter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: firewall-wizards@honor.icsalabs.com
Date: Wed, 15 Jun 2005 21:21:24 -0500

On 6/10/05, Rik Schneider <riks@wni.com> wrote:
> From: Zurek, Patrick - Tuesday, June 07, 2005 12:34 PM
> To: firewall-wizards@honor.icsalabs.com
> > 2) As a short term measure I have applied ipfilter on several of our non-
> > production hosts. My manager has began to advocate putting it on all
> > production systems now (about 15 hosts).

Assuming you've completed thorough testing on non-production hosts, you
should feel comfortable in applying ipfilter policies to your
production systems.

> > Is ipf on a production Sun 15k a good idea?
>
> IPF works well but depending on your support requirements you may need
> to look at a commercial solution. If you are using Solaris 8 or 9 and
> are under sun support you may want to look at Sunscreen Lite but I still
> prefer ipfilter.

So does Sun.... Solaris 10 includes a version of ipfilter:
     http://www.sun.com/software/solaris/faqs/security.xml#q2

Kevin Kadow
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Mark Sargent: "[fw-wiz] Password Recovery IP330"
• In reply to: Rik Schneider: "RE: [fw-wiz] Host based vs network firewall in datacenter"
• Next in thread: Chuck Swiger: "Re: [fw-wiz] Host based vs network firewall in datacenter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]