Re: Is Netgear FVS318 a "true" firewall?

From: Mark (nothere_at_notthere.com)
Date: 06/21/05


Date: 20 Jun 2005 18:48:03 -0500

I'd also pick holes in this statement: "Intrusion Detection features".

Netgear (and Cisco) misuse the terminology.

If AV and Spyware is a concern I would point you to a more sophisticated
solution, such as a Netscreen, Sonicwall, or Fortinet appliance (my fav is
Sonicwall at the moment). Using the Sonicwall as an example it has true
Intrusion Prevention, Gateway AV which adds a nice second layer of AV (but
you should always keep desktop/server AV as well), and anti-spyware (biggie
for me at the moment).

"Leythos" <void@nowhere.lan> wrote in message
news:MPG.1d21134594e147b9989931@news-server.columbus.rr.com...
> In article <1119306325.139265.159530@g47g2000cwa.googlegroups.com>,
> pm771.am@gmail.com says...
> > I'm just a beginner in computer security in general and firewalls in
> > particular (though I've spent quite a few years in IT in application
> > development).
> >
> > Netgear FVS318 is described as "True Firewall using Stateful Packet
> > Inspection (SPI) and Intrusion Detection features, Denial of Service
> > (DoS) attack protection, and VPN pass-through for extra security."
> >
> > Will it (on its own) provide an adequate protection for a small office
> > with a shared Internet access? Does it need to be complemented by
> > anything else on the hardware side?
> >
> > If user workstations run up-to-date anti-virus and anti-spyware
> > software, is any other client side monitoring required?
>
> The 318 is a NAT box with some firewall LIKE features. It does not
> protect the protected network from anything seeking to get out - such as
> if your local computer were to get an SMTP virus, one that spams the
> world using its own built-in SMTP engine, the 318 would not stop it
> from getting out and attacking the world.
>
> A firewall has independent rules for inbound and outbound, it does not
> just ALLOW all outbound by default, nor does it allow inbound by
> default.
>
> Many quality firewalls will know the difference between HTTP on port 80
> and some non-HTTP session on port 80. None of the cheap devices for home
> users can do that.
>
> Now, is it enough for a home user or small office, sure, you just need
> to know how to secure the OS on each system, understand the basics of
> true network and application security, and how to lock down the network
> and workstations against stupid/ignorant users running them.
>
> --
> --
> spam999free@rrohio.com
> remove 999 in order to email me
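
The inbound/outbound distinction discussed in the thread, as an added example that is not part of either post and is not any vendor's rule syntax: a small first-match, stateful filter evaluated once with an allow-all-outbound policy and once with explicit egress rules. The addresses, the mail relay host and the rule format are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")             # constructed address plan
MAIL_RELAY = ip_network("192.168.1.10/32")     # hypothetical internal mail server

# Outbound rules: (source network, protocol, destination port, action).
# None is a wildcard; the first matching rule wins.
NAT_STYLE = [(LAN, None, None, "allow")]       # everything from the LAN may leave
EGRESS_FILTERED = [
    (MAIL_RELAY, "tcp", 25, "allow"),          # only the relay may send SMTP
    (LAN, "tcp", 25, "deny"),                  # workstations may not
    (LAN, "udp", 53, "allow"),
    (LAN, "tcp", 80, "allow"),
    (LAN, "tcp", 443, "allow"),
]

class Firewall:
    def __init__(self, outbound_rules):
        self.rules = outbound_rules
        self.state = set()                     # connections opened from the inside

    def outbound(self, src, sport, dst, dport, proto):
        for net, rproto, rport, action in self.rules:
            if (ip_address(src) in net and rproto in (None, proto)
                    and rport in (None, dport)):
                if action == "allow":
                    self.state.add((proto, src, sport, dst, dport))
                return action
        return "deny"                          # unmatched outbound is dropped

    def inbound(self, src, sport, dst, dport, proto):
        # Stateful inspection: only replies to tracked connections come back in.
        return "allow" if (proto, dst, dport, src, sport) in self.state else "deny"

def evaluate(rules):
    """Run the same constructed flows through a firewall built from `rules`."""
    fw = Firewall(rules)
    return {
        "worm_smtp": fw.outbound("192.168.1.23", 40001, "203.0.113.5", 25, "tcp"),
        "relay_smtp": fw.outbound("192.168.1.10", 40002, "203.0.113.5", 25, "tcp"),
        "web": fw.outbound("192.168.1.23", 40003, "198.51.100.7", 443, "tcp"),
        "web_reply": fw.inbound("198.51.100.7", 443, "192.168.1.23", 40003, "tcp"),
        "unsolicited": fw.inbound("198.51.100.7", 4444, "192.168.1.23", 445, "tcp"),
    }

if __name__ == "__main__":
    for name, rules in (("NAT-style", NAT_STYLE), ("egress-filtered", EGRESS_FILTERED)):
        print(name, evaluate(rules))
```

Both policies drop the unsolicited inbound connection; they differ only in the `worm_smtp` flow, the workstation opening its own connection to port 25.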


