Security Basics mailing list archives

RE: Watchguard Firebox firewalls

From: "Naren - Pactech" <naren () pactech net>
Date: Tue, 11 Nov 2003 11:11:52 +0800

Hi,

Basically, WG firebox series (note .. not the soho series .. ) include a few Intrusion prevention .. options, like port 
blocking with an option to automatically block all traffic from the IP that tried to initiate connection from the 
'banned' port, and anamoly detection in proxies (SMTP or HTTP, for example) which can trigger an auto-block of the 
source that sent 'suspicious' traffic. Additionally, on SMTP proxy, you can filter extensions, and domains .. etc. etc. 
And the included reporting tools are very user friendly, and intuitive. Added to that is the basic choice of syn flood 
prevention and all those .. 

Do you need an IDS ? Well, if you want an independant 'pattern' based detection system, which gets updated for latest 
threats, over the WG IPS, which is reasonably impressive anyway, compared to other SME firewalls ..  but static, basic 
and not comparable with commercial IDS, well, you should deploy an IDS. 

BTW, what is the cost factor you are talking for an IDS ??? If you are deploying a FB 500, I wonder whether you do need 
a IDS .. 

T. Naren 
Technical Manager - Pactech Pte Ltd., Singapore
Infocomm Security Solutions Distribution and Services
o: +65-62711123
p: +65-95778725
e: naren () pactech net 
w: <http://www.pactech.net>
[Firewalls: Borderware - Watchguard - Sonicwall]


-----Original Message-----
From: bailey () dcsb net [mailto:bailey () dcsb net]
Sent: Tuesday, November 11, 2003 1:13 AM
To: security-basics () securityfocus com
Subject: Watchguard Firebox firewalls




I am looking at the Watchguard Firebox 500.  What I am wondering is, it says that it was Intrusion Prevention built 
into it.  Is this a true Intrusion Prevention System?  Also, does someone need to have both a Intrusion Prevention 
System, along with a Intrusion Detection System?  Thanks



This mail has been scanned for known virusses, by the Borderware Mail
Firewall, using the Kaspersky AV Engine. For more information, visit
http://www.pactech.net

---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to
simplify the management and deployment of PGP and reduce overall PGP costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------

Current thread:

Watchguard Firebox firewalls bailey (Nov 10)
- RE: Watchguard Firebox firewalls Naren - Pactech (Nov 11)
- <Possible follow-ups>
- RE: Watchguard Firebox firewalls CHRIS GRABENSTEIN (Nov 10)
  - RE: WatchGuard Firebox firewalls Randy Williams (Nov 11)
  - RE: Watchguard Firebox firewalls Bill Hamel (Nov 11)
- Re: Watchguard Firebox firewalls H Carvey (Nov 11)
- RE: Watchguard Firebox firewalls Chris Berry (Nov 11)
- RE: Watchguard Firebox firewalls Henry, Christopher M. (Nov 18)