Re: [fw-wiz] Firewall best practices

Well, maybe it's time to implement something like that in opensource?
Say, "smart redirector" for pf/iptables that diverts connection to specific
application proxy? I remember i was against the idea of transparent proxying
itself, and it is now proved i was wrong (and actually it was pretty obvious
back then as well that mobile users need transparent access as other ways
to keep configuration unified are too complicated for average administrator,
so it was just my blind spot). So, though i still doubt protocol heuristics
are good, there is definitely some demand.

Any sponsors or just technologies to steal? ;-)

On Mon, May 10, 2010 at 06:39:00PM -0700, david@xxxxxxx wrote:
someone mentioned elsewhere in this thread the Palo Alto boxes and their
application based ruleset.

It looks like Macafee is going very much down the same route with the
Sidewinder firewalls with version 8 (announced last week, due to be
released in June)

Since it's not out yet, it's impossible to do a complete comparison of
them, but it's worth keeping an eye on what happens.

David Lang
firewall-wizards mailing list

email protected and scanned by AdvascanTM - keeping email useful -

firewall-wizards mailing list

Relevant Pages

  • RE: Firewalls in a K-12 [More info from me]
    ... Firewalls in a K-12 ... Use transparent proxying with ipchains on linux to transparently ... redirect all port 80 and 443 traffic to your MS proxy server (though this ...
  • Re: Open source firewalls
    ... Transparent proxying is just doing some protocol filtering. ... A transparent proxy is a protocol filter, which is why it is an ... server apps it runs. ...