Re: Best way to go?




"Sebastian Gottschalk" <seppi@xxxxxxxxx> wrote in message
news:4f2hftF1hboecU1@xxxxxxxxxxxxxxxxx
Frankster wrote:
Not minding that ICSA Firewall Baseline Profile is just
at the level ofetermining that a product doesn't suck totally

If you feel this way about ICSA certification, why did you bring it up?

At first, this is not as bad as it means. I would require devices with
ISCA or equivalent certification for any serious business, of course
only after reading the evaluation.

But the point is that KFW is so proud of its certification and still
sucks, whereas the certification proves that is sucks. Just as an
argument to dismiss your bad suggestion.

I guess the bigger question is:
Cheap KFW which sucks vs. good but expensive ISA 2004 vs. cheap
netfilter on a Linux box or alike vs. expensive high-quality PIX? What
about proxies and DNS?

Okay, we dissagree. You think it "sucks" (technical term?) and I don't. I'll
leave it at that.

-Frank


.