Re: How is a software f/w inferior to a hardware f/w?
From: Melinda Shore (shore@panix.com)Date: 05/04/02
- Next message: Marco Spiga: "Re: Decent Firewall"
- Previous message: Erik: "Re: Firewall/gateway newbie"
- In reply to: Jack Daniels: "Re: How is a software f/w inferior to a hardware f/w?"
- Next in thread: Lars M. Hansen: "Re: How is a software f/w inferior to a hardware f/w?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: shore@panix.com (Melinda Shore) Date: 4 May 2002 08:21:20 -0400
In article <ZtDTPHV3WR0ia+ExqCVXTcxwj1hi@4ax.com>,
Jack Daniels <Barrister5@hotmail.com> wrote:
>If ZAP will only protect the computer it's on, how is it that the
>host/gateway I've installed it on blocks unwanted packets to the
>clients in the network? Requests from the clients are also blocked to
>the "outside/internet" zone. Those in the trusted zone, however, pass;
>as they should. Am I missing something?
I think there's an assumption that "software" (c'mon guys,
it's all software) firewalls running on Windows are running
on end hosts (singly-homed) and that the "hardware"
firewalls are necessarily bridging or, more rarely, routing.
The latter makes a certain amount of sense because you're
typically not going to connect one of those cheapie Linksys
boxes to your network and then not connect anything to it.
The former may or may not be the case - if you're using
Windows to provide your NAT, for example (ICS), the firewall
would protect the entire network behind it, as you describe
above.
--
Melinda Shore - Software longa, hardware brevis - shore@panix.com
If you send me harassing email, I'll probably post it
- Next message: Marco Spiga: "Re: Decent Firewall"
- Previous message: Erik: "Re: Firewall/gateway newbie"
- In reply to: Jack Daniels: "Re: How is a software f/w inferior to a hardware f/w?"
- Next in thread: Lars M. Hansen: "Re: How is a software f/w inferior to a hardware f/w?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
