Security Basics mailing list archives
RE: Software/Hardware Firewall
From: "Jon Pastore" <jpastore () idetech net>
Date: Thu, 17 Apr 2003 13:42:47 -0400
Yes you are correct...goes back to Cisco is really a software company selling their IOS on their hardware...I was trying to say that difference between iptables on al Linux box or a device devoted to just fire walling like a watch guard or the like... Jon Pastore, President IDE Tech, Inc. (954) 360-0393 Office (954) 428-0442 Fax -----Original Message----- From: thedistance [mailto:thedistance () 1thedistance com] Sent: Thursday, April 17, 2003 1:22 PM To: jpastore () idetech net Cc: security-basics () securityfocus com Subject: Re: Software/Hardware Firewall Actually, correct me if I'm wrong, but all firewalls are software. It's just some are packaged with specific hardware packages. This is true for Cisco Pix, Netscreen, and I believe the Watch Guard as well as others. The only difference is that the software is customized for specific hardware and the software has limited interaction with the end user. A hardware firewall would be a dangerous beast since once an exploit is found you would have to purchase a new device or send it in to be refitted. I believe the differences are more clearly expressed in terms of "Prepackaged Firewall" and "Build your own Firewall" td I've never cared hardware versus software, as long as the job got done. I mean technically you would have less problems with hardware (someone's going to flame me for that) the reason I say this is I have a dell server using iptables with 2 nics and you would think everything would be fine...well the driver that kudzu picked was deprecated by Red Hat and I had this problem where something got over flowed or hung ...whatever... and iptables said I can't deal with this let the packets FLOW...all goes back to this deprecated driver...if it's deprecated remove it...I understand leaving in nslookup but drivers? Come on that was a potential bad problem that we were lucky we found first... Anyway we're purchasing a Watch Guard Firebox 1000 this thing seems pretty kewl... Jon Pastore, President IDE Tech, Inc. (954) 360-0393 Office (954) 428-0442 Fax On 4/16/03 2:43 PM, "Jon Pastore" <jpastore () idetech net> wrote:
security-basics () securityfocus com
-- thedistance --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ----------------------------------------------------------------------------
Current thread:
- Software/Hardware Firewall D K (Apr 15)
- RE: Software/Hardware Firewall Jon Pastore (Apr 17)
- Re: Software/Hardware Firewall thedistance (Apr 17)
- RE: Software/Hardware Firewall Jon Pastore (Apr 17)
- RE: Software/Hardware Firewall David Gillett (Apr 17)
- Re: Software/Hardware Firewall thedistance (Apr 17)
- <Possible follow-ups>
- Re: Software/Hardware Firewall D K (Apr 21)
- RE: Software/Hardware Firewall Jon Pastore (Apr 17)