Security Basics mailing list archives
RE: Physical Firewalls VS NAT
From: "Chad Butler" <chad.butler () ipaymybills com>
Date: Wed, 30 Oct 2002 13:58:42 -0500

I think the best advice in this type of situation is that which has been given to me before. The more granular the filtering, the better. I would think it would come down to what type of network the client is trying to protect. If it is one in which the risk of network compromise is acceptable, then something like a filtering router or stateful packet filtering firewall might be fine. However, if a network compromise would bring the particular client to their knees, you might want to look at something a little more robust like an application proxy.

Just in case you don't know the difference between the options I just mentioned, a stateful packet filter firewall provides slightly more security than an IP filtering/port blocking device in that it is aware of what packet behavior and communication conditions should look like. It is in the event of attacks against web applications, for instance, when the traffic is behaving as normal with attack instructions embedded inside, that the application proxy comes into play. It can often drop connections based on anomalies in the application layer of the TCP/IP stack. An example of the application proxy device is Raptor firewall. It provides port blocking/IP filtering tasks, redirects for public to private addresses, NAT, spoofed responses to attack attempts, etc.

I hope this helps.

Chad Butler
Security Administrator
GSEC
iPay, LLC
866-851-4729 ext. 240

-----Original Message-----
From: Rick Darsey [mailto:rdarsey () aims1 com]
Sent: Wednesday, October 30, 2002 10:10 AM
To: Security Basics
Subject: Physical Firewalls VS NAT

I am not sure if this is the right list for this question. If it is not, please let me know where to post it.

I am doing some research for one of my clients. They have requested a physical firewall installed on their network. They are already running a NAT'ed network behind a LinkSYS router. In this situation, what benefits, if any, will the physical firewall provide?

The LinkSYS router already does port filtering and forwarding, and blocks incoming WAN requests. This is my understanding of what a firewall does. Granted, the firewall will be more granular, but is it necessary, or just redundant?

Thanks
Rick Darsey
AIMS, Inc.
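
The three filtering levels compared in the reply above (port blocking, stateful packet filtering, application proxy), as an added example that is not part of the original thread. The connection tracking and HTTP checks are deliberately simplified models, and the limits, addresses and packets are assumptions constructed for the illustration.

```python
ALLOWED_PORTS = {80}
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
MAX_URI_LEN = 2048  # assumed limit for this sketch

def port_filter(pkt):
    """IP filtering/port blocking: looks only at the destination port."""
    return pkt["dport"] in ALLOWED_PORTS

class StatefulFilter:
    """Remembers opened connections (greatly simplified TCP tracking)."""
    def __init__(self):
        self.open = set()
    def allow(self, pkt):
        if not port_filter(pkt):
            return False
        key = (pkt["src"], pkt["sport"], pkt["dport"])
        if pkt["flags"] == "SYN":
            self.open.add(key)
            return True
        return key in self.open  # other segments need a known connection

def proxy_allows(data):
    """Application proxy: inspects the HTTP request line for anomalies."""
    line = data.split(b"\r\n", 1)[0]
    if any(b < 0x20 or b > 0x7E for b in line):
        return False  # control or non-ASCII bytes
    parts = line.decode("ascii").split(" ")
    return (len(parts) == 3 and parts[0] in ALLOWED_METHODS
            and len(parts[1]) <= MAX_URI_LEN and parts[2] in ("HTTP/1.0", "HTTP/1.1"))

def evaluate(packets):
    """Return (port filter, stateful, proxy) verdicts per packet."""
    sf, out = StatefulFilter(), []
    for p in packets:
        stateful = sf.allow(p)
        app = stateful and (not p["data"] or proxy_allows(p["data"]))
        out.append((port_filter(p), stateful, app))
    return out

def pkt(src, sport, dport, flags, data=b""):
    return {"src": src, "sport": sport, "dport": dport, "flags": flags, "data": data}

SAMPLE = [  # constructed packets, not captured traffic
    pkt("192.0.2.10", 40000, 80, "SYN"),
    pkt("192.0.2.10", 40000, 80, "ACK", b"GET /index.html HTTP/1.1\r\n\r\n"),
    pkt("192.0.2.20", 40001, 80, "ACK"),  # no connection was ever opened
    pkt("192.0.2.10", 40000, 80, "ACK", b"GET /" + b"A" * 5000 + b" HTTP/1.1\r\n\r\n"),
    pkt("192.0.2.10", 40002, 23, "SYN"),  # port not permitted
]
```

The third packet passes the port filter but not the stateful filter, and the fourth passes both packet-level filters and is dropped only by the application-layer check.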