Firewall Wizards mailing list archives
Re: Disecting the Cisco PIX
From: mag () bunuel tii matav hu (Magosányi Árpád)
Date: Tue, 30 Jul 2002 19:54:20 +0000
Hi! What we are facing here is the result of a firm having very strong marketing muscle. Cisco PIX is technically at the low end of packet filtering routers (even cisco's own "firewall feature set" for routers is more useable). BUT: -It is called Cisco. -It is called firewall (which it isn't). -It is heavily advertised. -It have several papers with stamps which basically say that this stuff cannot do anything serious, and do this nothing with a below-moderate level of assurance. If you read them you will see, but not much people reads them, and even an average middle level manager would not understand a word of it. They are happy having these papers, and that's all. Well, lotsa people does what you said. You can find tens of products on the market of this type. There are also a lot of boxen which built this way. The majority of these boxen are actually running linux, and a lot of them runs real firewall software like fwtk, t.rex or Zorp. According to a market analysis, there are more such boxes running as firewalls, especially in the small business area than "big commercial" firewalls (at least in this part of the world). It is true that a lot of them has been designed with no real security policy in mind, and built by people who are not very good at network perimeter security. But also there are some which was built by the top gurus of this craft along solid ideas, and with magnitudes stronger tools than you can find among the market leader "firewalls" (most of which are not even firewalls.) A levelezĹ‘m azt hiszi, hogy Art Mason a következĹ‘eket Ărta: []
this? If so, why couldn't one just throw OpenBSD onto some flash media, drop a couple of Intel Pro100+ dual-port NICs in a 2U rackmount case,
[]
up PF from the CLI? This is just something I've been wondering about for a while, and was curious as to what others in the know had to say about it. Thanks in advance.
-- GNU GPL: csak tiszta forrásból _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Disecting the Cisco PIX Roger Marquis (Aug 01)
- <Possible follow-ups>
- Re: Disecting the Cisco PIX Paul Robertson (Aug 01)
- Re: Disecting the Cisco PIX Magosányi Árpád (Aug 01)
- Re: Disecting the Cisco PIX Paul Robertson (Aug 01)
- Re: Disecting the Cisco PIX Art Mason (Aug 01)