Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)

From: "Shashi Shekhar" <shashi.shekhar () rogers com>
Date: Thu, 25 May 2006 09:24:59 -0400
Yes this is the new trend

I'd suggest - to view this more as a trend towards tightly integrated
architecture than appliances because none of the current all-in-ones
available in the market are geared towards Enterprise

Performance degradation needs to be taken into account when it comes to this
- a 2Gbps FW/VPN with everything turned on may only do few hundred megs
irrespective of what datasheets may state.

BTW Have you looked at Check Point UTM....has firewall, VPN, IPS, SSL, Anti
Virus and as I heard URL Filtering is coming as well

Shashi

-----Original Message-----
From: firewall-wizards-bounces () listserv icsalabs com
[mailto:firewall-wizards-bounces () listserv icsalabs com] On Behalf Of Robert
A Beken
Sent: Wednesday, May 24, 2006 12:12 PM
To: firewall-wizards () listserv icsalabs com
Subject: [fw-wiz] Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)

I have a question for the group about this new trend of using a single 
firewall for all IDS and Firewall related tasks in an integrated box for 
enterprise organizations (not SOHO).  I personally think it's a bad idea 
and lacks flexibility in configuration and  "defense in depth" posture 
towards security.  What are other people's thoughts?

Thanks and Regards,


Robert Beken CISSP, GCFW
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: