Re: Firewall definition

From: David (davidwnh_at_adelphia.net)
Date: 12/30/03

    Date: Tue, 30 Dec 2003 03:56:25 GMT
    
    

    If by NAT router you mean cable/dsl router, *technically* most of them
    are. The RFCs define a firewall as "any means" used to block unwanted
    traffic. There is nothing that defines which technologies or features
    need to be included in a device or application to make it a firewall,
    just that it needs to be capable of blocking unwanted traffic. There are
    some standards set that define specific classes of firewalls and these
    do look at specific technologies.

    A typical cable/dsl router that incorporates NAT is just as good if not
    better than MS's Internet Connection Firewall. This may be changing with
    SP2, I'm not sure, but I don't hear many saying ICF is not a firewall.

    If someone were to say NAT alone was not a firewall I would agree, but
    NAT alone does not protect its host and NAT by itself does not block
    unwanted traffic. A cable/dsl router does protect its host and does
    block unwanted traffic. And they generally include additional features
    that are found in some of the more typical firewalls. Also their NAT
    tables often contain more entries to match...following more along the
    lines of a connection tracking firewall than a pure NAT device.

    They may be labeled as routers since most have a router mode, but most
    are being used as connection sharing gateways and/or firewalls. More and
    more are being marketed as c/d router/firewalls, but along with this
    label the manufacturers have added additional features...some have added
    SYN packet, IP address, ICMP, and outbound filtering as well. They may
    not have as complete a feature set as other devices that are marketed
    solely as firewalls, but what does one expect in a $50 device?

    They may not provide the features that I or many others desire or
    require in a firewall, but for someone whose only requirements are to
    block unsolicited inbound traffic, to do it with a user-friendly
    standalone device, and with minimal user-interaction, most of the
    currently available cable/dsl routers provide an effective firewall for
    that particular type of user.

    > Is a NAT Router technically a Firewall?
    >
    > A lot of Router Manufacturers seem to list NAT as a Firewall feature
    > when selling ADSL/Cable Routers.
    >
    > I say it's a byproduct of how NAT works rather than really a Firewall.
    >
    > I say to be a Firewall means it must actively probe packets, block
    > suspicious ones and alert the user.
    >
    > A colleague says just a Router with NAT is a Firewall.
    >
    > Who's right? :-)
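
An added example, not part of the original post: a toy model of the translation table in a cable/dsl router, showing why inbound packets with no matching entry are dropped and how matching on "more entries" (remote IP and port as well as the WAN port) behaves like connection tracking. The class name, the `strict` switch and all addresses and ports are constructed for illustration; real devices differ in detail.

```python
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    """Toy NAPT gateway (hypothetical model, not any vendor's implementation).
    strict=False: inbound is matched on the WAN port only (plain NAT mapping).
    strict=True: remote IP and port must also match, as in connection tracking."""
    strict: bool
    next_port: int = 40000
    table: dict = field(default_factory=dict)  # wan_port -> (lan_ip, lan_port, remotes)

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port):
        """A LAN host opens a flow: create or reuse a mapping, return the WAN port."""
        for wan_port, (ip, port, remotes) in self.table.items():
            if (ip, port) == (lan_ip, lan_port):
                remotes.add((dst_ip, dst_port))
                return wan_port
        wan_port = self.next_port
        self.next_port += 1
        self.table[wan_port] = (lan_ip, lan_port, {(dst_ip, dst_port)})
        return wan_port

    def inbound(self, src_ip, src_port, wan_port):
        """Return (lan_ip, lan_port) to forward to, or None when the packet is dropped."""
        entry = self.table.get(wan_port)
        if entry is None:
            return None  # no mapping: nothing to translate to, so the packet dies here
        lan_ip, lan_port, remotes = entry
        if self.strict and (src_ip, src_port) not in remotes:
            return None  # mapping exists, but this peer was never contacted from inside
        return (lan_ip, lan_port)

def demo():
    """Run the same three inbound packets (constructed) through both matching modes."""
    results = {}
    for strict in (False, True):
        r = NatRouter(strict=strict)
        p = r.outbound("192.168.0.10", 51000, "198.51.100.7", 80)
        results[strict] = {
            "reply": r.inbound("198.51.100.7", 80, p),
            "probe_unmapped_port": r.inbound("192.0.2.66", 4444, 135),
            "stranger_on_mapped_port": r.inbound("192.0.2.66", 4444, p),
        }
    return results

if __name__ == "__main__":
    for strict, res in demo().items():
        print("conntrack-style" if strict else "port-only", res)
```

Both modes drop the probe to a port with no mapping; only the stricter match also drops a packet from an uncontacted peer that arrives on a port an inside host happens to have open.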
