Security Basics mailing list archives
Deep Packet Inspection
From: cybersecure4561 () gmail com
Date: 5 Apr 2011 08:14:03 -0000
I'm posting to the forum to ask the opinion of senior fw experts which firewalls truly perform DPI. I've done some research & it appears that their is no industry standard that identifies what DPI is or does. I ask this question because Cisco IOS CBAC/Inspect or Zone Based rules do use signatures but do not update packet signatures. Cisco relies on the edition of IPS packet inspection (updates by SmartNet contract)to achieve the claim of DPI. IPS/IDS do have their place in the infrastructure but they are not firewall's. Enterprise security people would not say forget the FW let's use an IDS/IPS instead. Do Check Point & Juniper also rely on an IPS as an integral part of DPI or is this function & process carried out only by the FW? I know that CP has bundled an IPS into their suite but their IPS is renowned for false positives. It's my humble opinion that in the high end firewalls Check Point & Juniper really do DPI(L7). Are their any independent organizations/labs that have tested vendor claims & performance of firewalls that do DPI? ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Deep Packet Inspection cybersecure4561 (Apr 05)