Re: Evolution of Firewalls

[Dave Piscitello <dave () corecom com>]

Stateful inspection, deep packet inspection, application protection, 
application intelligence, application aware ...

Lots of names for the same security functionality: examining application 
headers and application data streams for attacks and blocking them. You can 
and some vendors still do this using proxy architecture, while some use the 
same stateful packet inspecting methods they used to examine network 
protocol headers.

The most secure firewall? Probably has less to do with proxy vs. stateful 
inspection than policy, implementation/configuration, and the admin at the 
policy console.

At 08:48 PM 3/7/2004 -0500, Frederick M Avolio wrote:
> At 11:56 PM 3/4/2004 +0800, skpoo () pacific net sg wrote:
> > ... Our team is currently debating if Stateful Deep Inspection firewall 
> > is going be the new technology to replace the Application Proxies 
> > firewall which deem to be most secure currently. ...
>
> At the risk of being obvious -- or worse, being called a dinosaur :-), It 
> depends. Do you care more about usability or security? When push comes to 
> shove is it more important to never stop a connection at the risk of the 
> possibility of something bad slipping through?  It really is as simple as 
> that. I tell people in one of my classes, you hear about it if you 
> misconfigure your firewall to reject a required action, but will rarely 
> hear about if if you allow too much through. (I stated it as "You always 
> hear about conservative errors but rarely about liberal ones," but that 
> could be taken wrong now-a-days.)
>
> Fred
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards