Re: [fw-wiz] IPS vs. Firewalls
- From: Gabriele Buratti <gabriele.buratti@xxxxxxxxxx>
- Date: Fri, 03 Feb 2006 14:29:14 +0100
ArkanoiD wrote:
(I'd even say that anyone who seriously claim that IPS can replace firewall
is stupid moron with lack of understanding even security basics, and if
those people are allowed to make technical decisions your company has damn
big management problems)
I agree, but something must be added.
A pure IPS can't replace a firewall if it's doing just application protocol analisys/control. You still need policies. A IPS-firewall (stateful inspection + policy + layer7 inspection) can replace and sometimes do better than a firewall (stateful inspection + policy)
regards
Gabriele
begin:vcard
fn:Gabriele Buratti
n:Buratti;Gabriele
org:NETASQ Italia;Presales
adr:;;via Giovanni da Udine, 34;Milano;MI;20156;Italy
email;internet:gabriele.buratti@xxxxxxxxxx
tel;work:+39 02 38093754
tel;fax:+39 02 38093752
x-mozilla-html:FALSE
url:http://www.netasq.com
version:2.1
end:vcard
- References:
- [fw-wiz] IPS vs. Firewalls
- From: Phil Albacore
- Re: [fw-wiz] IPS vs. Firewalls
- From: ArkanoiD
- [fw-wiz] IPS vs. Firewalls
- Prev by Date: Re: [fw-wiz] IPS vs. Firewalls (why vs. ?)
- Next by Date: [fw-wiz] re: fw-wiz] Cisco PIX-520
- Previous by thread: RE: [fw-wiz] IPS vs. Firewalls
- Next by thread: Re: [fw-wiz] IPS vs. Firewalls
- Index(es):
Relevant Pages
|
|
