Firewall Wizards mailing list archives
IPS vs. Firewalls
From: "Phil Albacore" <phila () msgsPostini01 kvh co jp>
Date: Mon, 26 Dec 2005 16:39:51 +0900
Long time listener, first time poster... Some of the managers at my company are pushing to get rid of our firewall in exchange for IPS devices. They've heard that IPS sensors can be used to block traffic, so they've got it in their heads that we don't need a firewall anymore. I'm wondering if anyone on this list can give me a few salient points that can be used to rebuke this “strategy”. The one point that springs to mind immediately is that a firewall is (hopefully) a default deny device while an IPS is a default allow device. Putting aside that IPS and firewalls operate at different layers and so block based on different parameters, a default deny device is more likely to block 0 day attacks. Do you all agree with this statement and do you have any others that typical management can understand? Thanks for your help, Phil A.
Current thread:
- IPS vs. Firewalls Phil Albacore (Feb 02)
- Re: IPS vs. Firewalls ArkanoiD (Feb 02)
- Management vs. IT staff (was: Re: IPS vs. Firewalls) Patrick M. Hausen (Feb 02)
- Re: Management vs. IT staff (was: Re: IPS vs. Firewalls) ArkanoiD (Feb 03)
- Re: IPS vs. Firewalls Kevin (Feb 02)
- RE: IPS vs. Firewalls Paul Melson (Feb 07)
- Re: IPS vs. Firewalls Gabriele Buratti (Feb 03)
- Management vs. IT staff (was: Re: IPS vs. Firewalls) Patrick M. Hausen (Feb 02)
- Message not available
- Re: IPS vs. Firewalls Marcus J. Ranum (Feb 02)
- Re: IPS vs. Firewalls (why vs. ?) Gabriele Buratti (Feb 03)
- Re: IPS vs. Firewalls (why vs. ?) Marcus J. Ranum (Feb 07)
- Re: IPS vs. Firewalls (why vs. ?) Dave Piscitello (Feb 07)
- Re: IPS vs. Firewalls Marcus J. Ranum (Feb 02)
- Re: IPS vs. Firewalls ArkanoiD (Feb 02)