Firewall Wizards mailing list archives
Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
From: Devdas Bhagat <dvb () users sourceforge net>
Date: Mon, 29 May 2006 03:53:18 +0530
On 28/05/06 09:52 -0400, Marcus J. Ranum wrote:
Devdas Bhagat wrote:Only the Sith deal in absolutes.OK, so we need to come up with a good "sith name" for me. :)
Darth Sidious, Darth Marcus...
This notion that security is a matter of degree is accurate in the large but inaccurate in the small. Unfortunately, we're all dealing with the small.
Not necessarily. This thread is dealing with the options in combining components. Should we go with a large application in a box, a box with multiple smaller applications put together by the vendor, or do we go with multiple boxes, each doing one thing well? While most of us would automatically say the third, the first offers features and possible ease of management while the second offers ease of management and the possibility that everything will work correctly with minimum hassle. The original question was about using the first or second option instead of the third. What we have no clue about is what resources are being defended, what the value of those resources is, what the time of the management team for the firewalls costs, what resources are already deployed.... The answer is 42. While the answers on this may say "Industry leaders say that we should use multiple boxes", it does nothing to help answer the question of actual suitability of the system(s) in question to deliver a desired level of security. Devdas Bhagat _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG), (continued)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Devdas Bhagat (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Devdas Bhagat (May 27)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 28)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Paul D. Robertson (May 28)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 28)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Mark (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) George Capehart (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Jim Seymour (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) George Capehart (May 30)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Devdas Bhagat (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) ArkanoiD (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 26)
- cisco ssh rate limit hermit921 (May 26)
- Re: cisco ssh rate limit David Swafford (May 26)
- Re: cisco ssh rate limit hermit921 (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Balazs Scheidler (May 28)