Security Basics mailing list archives
Re: Hardware vs Software Firewall/Router
From: "David Vertie" <verticalrave () hotmail com>
Date: Fri, 04 Apr 2003 06:15:12 +0000
Hey there,Since you are mainly a Windows company, there are some Windows problems I've seen lately that you could probably mention.
There is the danger of rootkits, (on windows) that may disable firewall or routing software on the box (or worse yet, modify them so all types of traffic or servers can be run), the potentiality of multiple flaws in the OS, viruses that spread across the internet, taking advantage of some flaw in the design of a windows box you may have.
Since many administrators no longer bother to touch the actual box that they've made to be a firewall/router, much of the time, these boxes can fall prey for months on end before something amiss is discovered.
_My information may not be 100% accurate_, because i've been semi-out of the loop for awhile now. I believe that one arguement that you'll have to stand up to is the 'Well nobody knows about Norton's software, so how could they design a trojan for it?'
I just want to know though, if you were going to go with the hardware solution, which would you have picked? Linksys? (I know the Cisco PIX has had its problems in the past and near present)
David
From: <nsm () e-paradise net> To: security-basics () securityfocus com Subject: Hardware vs Software Firewall/Router Date: 2 Apr 2003 03:11:54 -0000 I work for a consulting company that services businesses with 30 to 200 clients. Our IT Manager likes to use a Linksys, or a 3Com hardware firewall solution. He is also thinking of introducing the Symantec Raptor (I could be incorrect on the name) software solution. We are mostly a windows based firm with little *nix experience, so most software solutions are out already. My reason for posting is: I would like to provide a valid argument for not using a software solution, and making our hardware solutions a little more upscale, say PIX, Nokia, Checkpoint etc. The IT managers argument is that he finds far less vulnerabilities in the software solutions or the Linksys and 3Com than what he does in the PIX etc. I am of course familiar with all of the basic differences, I am more so looking for valid argumentative points. Any input would be greatly appreciated. ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics
_________________________________________________________________Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics
Current thread:
- Hardware vs Software Firewall/Router nsm (Apr 02)
- RE: Hardware vs Software Firewall/Router David Gillett (Apr 04)
- Re: Hardware vs Software Firewall/Router Xaos (Apr 04)
- <Possible follow-ups>
- Re: Hardware vs Software Firewall/Router James Lee Gromoll (Apr 03)
- Re: Hardware vs Software Firewall/Router Jim Miller @ Cox (Apr 04)
- Re: Hardware vs Software Firewall/Router David Vertie (Apr 04)
- RE: Hardware vs Software Firewall/Router Chris Berry (Apr 04)