[fw-wiz] Layer 2 firewalls ...

From: Andrew K. Adams (akadams_at_psc.edu)
Date: 08/29/05

  • Next message: Tichomir Kotek: "Re: [fw-wiz] PIX denying SSH Access - until I run PDM?"
    To: firewall-wizards@honor.icsalabs.com
    Date: Mon, 29 Aug 2005 14:26:02 -0400
    
    

    Is anyone aware of any *disadvantages* of layer 2 firewalls?

    Current marketing seems to be pushing layer 2 firewalls mostly, as far as I
    can tell, to reduce the possibility of the device being compromised (no ip
    address.) And it seems to me, that any network using a media of Ethernet
    could (and should?) be doing this, unless of course, they needed the device
    to perform layer 3 or 4 utility (e.g., NAT), additionally.

    I readily admit that I don't possess "link layer" expertise, and thus, I
    suspect that I must be missing something further, if layer 2 firewalls are
    indeed a trade-off.

    Thanks!

    -aka

    --
    Andrew K. Adams
    Pittsburgh GigaPoP & Network Research Group
    Pittsburgh Supercomputing Center      Office: 306-A Mellon Institute
    Carnegie Mellon University            Phone:  (412) 268-5142
    4400 Fifth Ave.                       Fax:    (412) 268-8200
    Pittsburgh, PA 15213                  WWW:    http://www.psc.edu/~akadams/
           D3 FA 7D 61 FD ED BD D9  0C DE 94 DB 0F 25 D0 2E
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Tichomir Kotek: "Re: [fw-wiz] PIX denying SSH Access - until I run PDM?"