[fw-wiz] Secure Computing Sidewinder?
- From: Paul Hutchings <paul@xxxxxxxxxxx>
- Date: Sun, 8 Jun 2008 11:23:49 +0100
We currently use Microsoft ISA Server 2006 at the edge of our LAN (we have a hardware firewall in front of it at our perimeter).
The hardware it runs on is due for replacement, so I'm looking at the options as we don't use ISA for a specific set of reasons, we basically "fell" into it.
One of the options that I'm looking at is the Secure Computing Sidewinder. On paper it looks like a very nice bit of kit, and reading things such as that it's extensively used by banks and the military etc. instils a lot of confidence in the product.
I know both ISA and Sidewinder are "Application Layer" firewalls and act as proxies etc. but I'm struggling to get my head around why one might be "better" than the other, I guess I'm a little unclear on exactly what "Application Layer" means tbh despite reading various definitions?
My understanding with the Sidewinder is that the proxies receive each packet, tear it apart, inspects it, and then depending on the protocol it drops/discards anything that is dangerous, and in the case of safe content rewrites the packet and makes the connection itself it so that the source machine never connects directly to the destination, rather the connection always terminates at the Sidewinder, which makes the connection on its behalf?
I'm also struggling to understand how useful an application layer firewall is when it seemingly is never updated i.e. Microsoft ISA server?
Our requirements are pretty simple I would imagine:
We want to let traffic out, with the source being restricted by IP address or Active Directory user. Mostly standard protocols such as dns/smtp/http/https/ftp where we would expect all traffic to conform to the protocol. In some instances we'll need to open port X to destination Y and would want to simply allow traffic to pass and wouldn't expect a firewall to know what the traffic is as it will be something unique to an application that we're using.
We want to allow smtp in, as well as a few specific internal websites such as Outlook Web Access etc. which use HTTPS.
I'd appreciate any input on the specifics of how the two products differ and how one might be considered "better" than the other both in terms of bottom line security, and our requirements.
firewall-wizards mailing list
- Prev by Date: [fw-wiz] Portforwarding on NATed VPN
- Next by Date: Re: [fw-wiz] Secure Computing Sidewinder?
- Previous by thread: [fw-wiz] Portforwarding on NATed VPN
- Next by thread: Re: [fw-wiz] Secure Computing Sidewinder?