Firewall Wizards mailing list archives
Re: NAI Guantlet "Best of Show Award" The Real Deal
From: Frederick M Avolio <fred () avolio com>
Date: Wed, 11 Nov 1998 22:43:29 -0500
If we agree that the basic "feature" being touted is something like: start a connection at the proxy layer and then send data packets through at the packet layer AND you agree that it's done primarily to increase throughput of the firewall - then I would agree with Andy that it is a re-work of the
Yes, but I do not agree that the only reason to do this is throughput, as we discussed a bit in Tucson the other day. Also, I discussed it, I think, somewhere in this thread. Sometimes it makes no sense to relay data through a proxy. For example, data that you do not process nor does it make any sense to process (audio streams come to mind).
I know what the Raptor Firewall Fastpath (RFF) does, but I don't know if it does more or less than what Gauntlet Adaptive Proxy (GAP) does. Based strictly on the whitepaper, I would judge it to be very similar to the RFF stuff and both being more than what CISCO PIX offers. The Cut-through proxy appears to have the actual proxy go away and not have anything more to do with the connection, whereas GAP and RFF leave the proxy "running", but only for control, not data transfer.
Yes and I consider this considerably more.
2) "As a result, an adaptive proxy firewall is every bit as secure as a standard proxy firewall ...". I would claim this is simply not true. The real value of a standard proxy firewall is the fact that application data is checked for known attacks, not just that a logical separation of the networks has occurred by creating a new connection for every session. For
Yes, but in the case where there is nothing to check (a video stream) or where the customer picks speed over security under certain conditions, this is more secure than the other methods mentioned by you.
The above basically describes the Raptor implementation as well. The CISCO implementation would simply have the proxy go away completely. I cannot comment on the Secure Computing version of this capability.
I'd love to see a white paper on Raptor's implementation, even containing some marketing-speak as the Gauntlet paper. :-) Even if it has all that you say is missing in the Gauntlet paper. If Raptor has all of this also this is wonderful, very useful, a secure hybrid (as opposed to what some vendors with mixed systems offer), and you should have tooted your horn about it long ago. Also, NAI says they have applied for a patent, so make sure you've got your lab books dated and signed. :-) And -- since someone already asked -- no, I did not write the Gauntlet white paper. I'd have gotten the historic part correct. :-)
Fred