[fw-wiz] Secure Computing Sidewinder?



We currently use Microsoft ISA Server 2006 at the edge of our LAN (we have a hardware firewall in front of it at our perimeter).

The hardware it runs on is due for replacement, so I'm looking at the options as we don't use ISA for a specific set of reasons, we basically "fell" into it.

One of the options that I'm looking at is the Secure Computing Sidewinder. On paper it looks like a very nice bit of kit, and reading things such as that it's extensively used by banks and the military etc. instils a lot of confidence in the product.

I know both ISA and Sidewinder are "Application Layer" firewalls and act as proxies etc. but I'm struggling to get my head around why one might be "better" than the other, I guess I'm a little unclear on exactly what "Application Layer" means tbh despite reading various definitions?

My understanding with the Sidewinder is that the proxies receive each packet, tear it apart, inspects it, and then depending on the protocol it drops/discards anything that is dangerous, and in the case of safe content rewrites the packet and makes the connection itself it so that the source machine never connects directly to the destination, rather the connection always terminates at the Sidewinder, which makes the connection on its behalf?

I'm also struggling to understand how useful an application layer firewall is when it seemingly is never updated i.e. Microsoft ISA server?

Our requirements are pretty simple I would imagine:

We want to let traffic out, with the source being restricted by IP address or Active Directory user. Mostly standard protocols such as dns/smtp/http/https/ftp where we would expect all traffic to conform to the protocol. In some instances we'll need to open port X to destination Y and would want to simply allow traffic to pass and wouldn't expect a firewall to know what the traffic is as it will be something unique to an application that we're using.

We want to allow smtp in, as well as a few specific internal websites such as Outlook Web Access etc. which use HTTPS.

I'd appreciate any input on the specifics of how the two products differ and how one might be considered "better" than the other both in terms of bottom line security, and our requirements.

cheers,
Paul
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: [fw-wiz] Secure Computing Sidewinder?
    ... hardware firewall in front of it at our perimeter). ... One of the options that I'm looking at is the Secure Computing Sidewinder. ... I know both ISA and Sidewinder are "Application Layer" firewalls and act as ... I'm also struggling to understand how useful an application layer firewall ...
    (Firewall-Wizards)
  • Re: ISA 2006 vs ASA
    ... lines we need to secure other than the Internet. ... software firewall is not a solution. ... Microsoft ISA Server Partners: Partner Hardware Solutions ...
    (microsoft.public.isa)
  • Re: Microsoft Firewall not started automatic
    ... If you re-run CEICW, enable the firewall, select your services and then ... Microsoft ISA Server Job Scheduler. ... Flor- Ocultar texto de la cita - ...
    (microsoft.public.windows.server.sbs)
  • Re: NAT Expertise Needed (Cisco,Watchguard,other)
    ... does Microsoft ISA Server have this problem as well? ... >> requires that the public interface and the external router be configured ... >> external router to point the traffic back to the firewall. ...
    (comp.security.firewalls)
  • The Routing and Remote Access service
    ... I have got this meeage in the evernt viewer and my firewal and VPN is not ... 1- The Microsoft ISA Server Control service terminated with service-specific ... 2- The Routing and Remote Access service depends on the Microsoft Firewall ...
    (microsoft.public.windows.server.sbs)