Firewall Wizards mailing list archives
Re: Switch ACL vs Firewall
From: "Martin Hoz" <martinhoz () gmail com>
Date: Thu, 11 May 2006 21:18:43 -0500
On 5/7/06, Grant Bourzikas <strongrant () gmail com> wrote:
not use Firewalls but rather use Switch ACL's. Their point is that Switch ACL's do the same thing as firewalls if used in conjunction with a layered security model that uses Network IPS, Layer 7 Firewalls, and Host IPS, I
That's sort-of-right: modern firewalls do that as well: they put VPN, QoS and IPS/deep inspection technlogy and it makes sense... several customers use that are happy... What's the point of distributing that functionality when having some of it integrated makes more sense? - How do you add VPNs in the architecture they are proposing for example? - Would all of those things be managed from the same point, or are those different managements? - How many things would you have to learn, operate, update (in a word: manage) so you can do the same things you do today with what you have and are happy? - What about reporting? - How much hard work would you have to do to get useful reports that mean something to you (and to your management)? - How can be the whole thing audited? - How does that design scale to give you more Gbps, Connections-per-second? And finally... seems like they want to tie you... - What guarantees vendor independency/interoperability in their design? How is that achieved? - If you don't like a part of their design in the future (let's say you prefer a new IPS, or another firewall, plain and simple), how easy can you replace that component without affecting the overall design in performance, reliability and security? Interesting... huh? :-) - MartÃn. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Switch ACL vs Firewall Martin Hoz (May 12)
- <Possible follow-ups>
- Re: Switch ACL vs Firewall Dale W. Carder (May 12)
- Re: Switch ACL vs Firewall Chris Blask (May 12)