Firewall Wizards mailing list archives
Re: FW-1 running on Trusted Solaris 2.5 ?
From: Bennett Todd <bet () rahul net>
Date: Mon, 29 Sep 1997 11:07:38 -0700
On Mon, Sep 29, 1997 at 09:14:52AM -0800, Dexter D. Laggui wrote:
It has been said that Trusted Solaris (Orange Book B2-level) runs Off-The- Shelf software.
I'd guess that that claim is probably reasonable, for most cases of "Off-The-Shelf software". However...
Would it then be able to run Checkpoint FW-1 ?
Probably not, since the all the meat of the Checkpoint lies down below the IP stack. If it does run it, you get no advantage from having the B2 features, since the Checkpoint lies below them. This is one of the things that some firewall experts don't like about it --- most of its real meat is in very very low-level code, in a hard-to-debug and hard-to-modify language (state transition tables). If on the other hand you went for a hybrid or purely proxy solution, the proxy bits could be elegantly reinforced by the B2 features; this is the selling point of the BDM Cybershield, a firewall based on DG's B2 Unix. -Bennett
Current thread:
- FW-1 running on Trusted Solaris 2.5 ? Dexter D. Laggui (Sep 28)
- Re: FW-1 running on Trusted Solaris 2.5 ? Marcus J. Ranum (Sep 28)
- Re: FW-1 running on Trusted Solaris 2.5 ? Jyri Kaljundi (Sep 29)
- Re: FW-1 running on Trusted Solaris 2.5 ? Rudolf Schreiner (Sep 29)
- Re: FW-1 running on Trusted Solaris 2.5 ? Bennett Todd (Sep 30)