Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Application Intelligent vs ALG

From: SimonChan () lifeisgreat com sg
Date: Wed, 25 Jun 2003 19:41:41 +0800

Hi all,

I would like to thank all for sharing their valuable views on this matter.

For the benefit of the rest of the folks, the answer is in volume 4 of
Information Security Managment Handbook Chapter 9 - an examination of
Firewall Architectures.

;-)



Rgds,

Simon Chan,   MCP/MCSA/CCNA/CCSA/WCSP
Senior Security Engineer
Great Eastern Life Assurance Co. Ltd.

------------------------------------------------------------------------------------

"My statements in this message are personal opinions
which may have no basis whatsoever in fact."



                                                                                                                        
         
                    Frederick M Avolio                                                                                  
         
                    <fred () avolio com>                     To:     SimonChan () lifeisgreat com sg,                   
               
                    Sent by:                               firewall-wizards () honor icsalabs com                       
            
                    firewall-wizards-admin () honor ic       cc:                                                        
            
                    salabs.com                            Subject:     Re: [fw-wiz] Application Intelligent vs ALG      
         
                                                                                                                        
         
                                                                                                                        
         
                    06/23/2003 09:18 PM                                                                                 
         
                                                                                                                        
         
                                                                                                                        
         




A fancy proxy.

Three different people from Check Point wrote me in response to a recent
column of mine, basically asking me if I had heard of this new feature.

I replied with a brief history. In short: Firewall-1 comes on the scene,
most FW1 users implement it with modules from the TIS FWTK (for adding user

authentication to FTP and TELNET), Check Point's marketing says proxies are

old technology, stateful inspection is the next generation of firewall
technology (before the term became a product name), people persisted in
using proxies, CP added "security servers" (proxies by another name), and
now this.

I asked them, how is this different from application gateways (security
proxies). I applaud the addition of them (like there are other hybrid
firewalls). But none of the three folks from CP replied to me.

I have no agenda, except the truth. (Boy, is this guy noble, or what? :-))
I'd like to know the answer to this: How this is different than application

gateways (if it is), and why is it better than Sidewinder, Firebox, Raptor,

et al.


Fred
Avolio Consulting, Inc.
16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US
+1 410-309-6910 (voice) +1 410-309-6911 (fax)
http://www.avolio.com/
PGP Key Fingerprint:    928D 0903 934F 8CFA 6124
                         BBF6 0B45 93C7 3521 CEA0

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards




_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: