RE: Axent Raptor

[dbovee () inetsec com (David Bovee)]

I'm sure this inquiry has gotten some response, but let me make a comment or
two...

You MIGHT want to consider a stateful inspection type of firewall, which
tend to be easier to implement than proxy-based firewalls, such as Raptor.
IMO, the proxies are slightly more secure, but I can say from experience
that tweaking a proxy firewall to do "all protocols" is a bit of a nightmare
and typically results in more insecurity than the proxy actually provides
anyway.

good luck.

-David

> -----Original Message-----
> From: owner-firewall-wizards () nfr net
> [mailto:owner-firewall-wizards () nfr net]On Behalf Of Russell Grant
> Sent: Monday, April 12, 1999 1:14 PM
> To: firewall-wizards () nfr net
> Subject: Axent Raptor
>
>
> My company is getting ready to install Axent Raptor for its firewall on an
> NT box.  I don't know much about the product and beyond a cursory look at
> firewalls in college, I'm fairly green at the whole topic (I learn quickly
> though).
>
> So here's what I'm looking at here:
>
> The firewall is between our web server and our company
> On an NT box  (That's what we have to use)
> There is one port of entry to the Internet for the company
> Must protect servers from unauthorized access from the outside
> Lax business culture.  People surf whenever and whereever they want.  But
> would like to monitor where they're going
>
> I'd like to know first and foremost, is this going to be able to do the
> job.  What other options should we look at given the scenario
> listed above?
> Anyone with some sage advice as to what I should be looking at
> once it's up
> and running or how this product has worked or not worked for them in the
> past, please post a comment or two on this topic.