Re: Firewalls purchase research
From: S. Pidgorny [MVP] (slavickp@yahoo.com)
Date: 03/27/03
- Next message: S. Pidgorny [MVP]: "Re: security online"
- Previous message: S. Pidgorny [MVP]: "Re: What if .... RSA algorithm is cracked??"
- In reply to: Thomas W Shinder [MVP]: "Re: Firewalls purchase research"
- Next in thread: Phillip Windell: "Re: Firewalls purchase research"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "S. Pidgorny [MVP]" <slavickp@yahoo.com> Date: Thu, 27 Mar 2003 20:41:31 +1100
Yes. Hardware firewalls never need patches. They are "set it and forget it"
kind of stuff - sysadmin's equivalent for "write once, run everywhere" that
solved all software development problems.
-- Svyatoslav Pidgorny, MS MVP, MCSE -= F1 is the key =- "Thomas W Shinder [MVP]" <tshinder@hotmail.com> wrote in message news:OHTdBsB9CHA.3008@TK2MSFTNGP11.phx.gbl... > Hi Phillip, > > I think that a lot of folks believe in "hardware" firewalls becasue they > look like a "black box", and not a computer. They've learned to not trust > "computers" because "computers" crash. But "hardware firewalls" aren't > computers, they're, well, you know, something else that isn't computers :-) > > Thanks! > -- > Tom > www.isaserver.org/shinder > Get the books! > ISA Server and Beyond: http://tinyurl.com/1jq1 > Configuring ISA Server: http://tinyurl.com/1llp > MVP -- ISA Server 2000 > > > "Phillip Windell" <pwindell@wandtv.com> wrote in message > news:OpnSmo#8CHA.2248@TK2MSFTNGP12.phx.gbl... > > Hardware based FWs also aren't as flexible with user-based security and > > usually depend instead on the users IP#,...which is worthless if you run > > DHCP. Typically they are nothing more than NAT Servers in a Box with > packet > > filtering. We run one and it appears that it will work with user accounts > > only if the account is created locally on the box that has the same > matching > > name and password,...which is worthless if user periodically changes > > passwords as they should and the Admin wouldn't know the password to use > it > > on the FW Box. Ours can read the accounts from a Windows DC, but at this > > point it isn't clear to me how it is supposed to use that information for > > "intergrated authentication", and I'm not interested enough in it to worry > > about it right now. > > > > So I use the Firewall for some things and the Proxy for other things. They > > are independent and neither depends on the other. One can go down while > the > > other keeps going. > > > > There's my 2 cents Fred, so now your up to 4 cents. :) > > > > > > -- > > > > Phillip Windell > > pwindell@wandtv.com > > WAND-TV (ABC Affiliate) > > www.wandtv.com > > > > "Fred Baumhardt [MSFT]" <fredbaum@microsoft.com> wrote in message > > news:eI2k0km8CHA.2284@TK2MSFTNGP12.phx.gbl... > > > The following is not personal at all or directed at you in any way - but > > > here goes..... > > > > > >
- Next message: S. Pidgorny [MVP]: "Re: security online"
- Previous message: S. Pidgorny [MVP]: "Re: What if .... RSA algorithm is cracked??"
- In reply to: Thomas W Shinder [MVP]: "Re: Firewalls purchase research"
- Next in thread: Phillip Windell: "Re: Firewalls purchase research"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
