Firewall Wizards mailing list archives

Re: Content Switch as security device?


From: Gary Flynn <flynngn () jmu edu>
Date: Thu, 30 Jan 2003 09:29:49 -0500


Dave Mitchell wrote:
> Michel,
>
> Depending on the type of switch, you might not even have an ASIC that can perform
> under a DDOS or other type of attack.

This also may be true of a firewall.

> Content switches only balance traffic based on source
> and dest IP/port, and use a load balancing algorithm to point it at your particular farm
> or server. It does not perform any other packet inspection to prevent malicious traffic
> like a SYN attack, replay, or any other you can think of.

The Cisco boxes also inspect URLs. They also advertise that
they protect from denial of service attacks. Of course, they
also advertise that they can load balance across firewalls. :)

Functionality is merging in firewalls, IDS, IDP, content
switch, etc. to prevent this:

Inet->anti-DDOS->firewall->anti-virus->IDS/IDP->loadbalance->SSL->content->systems

I suspect there may be applications where a "content
switch" with security features is a better fit for the
organization than certain types of firewalls.

--
Gary Flynn
Security Engineer - Technical Services
James Madison University
