Educause Security Discussion mailing list archives
Re: Firewall Products
From: Gary Dobbins <dobbins () ND EDU>
Date: Fri, 3 Feb 2006 13:56:09 -0500
We've used Sidewinder for over 3 years now, and have been pleased with their support (the support line is usually answered by a real, live engineer-type, or one is near at hand, as distinct from reaching a call-center). The device inspects layer 7 for many protocols. Having deep packet inspection is certainly a source of comfort, but it's also possible to see traffic from commercial products violating the protocol's RFC/STD, and thus being blocked as potentially hostile. De-tuning to permit that traffic to pass is somewhat coarse-grained (can't say "this webpage is ok," have to say "this host doesn't get that level of scrutiny"). Their logging features are very useful, and can help diagnose the syndrome above, and many other anomalies. Lee Weers wrote:
I have a similar situation in that we have a 515 classic that we have out grown. Limited budget (actually no budget until July). I will be looking at pricing of the Sidewinder from Secure computing next week with a vendor. It sounds like a great appliance, but I am nervous about the cost.
-- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies
Current thread:
- Firewall Products Flagg, Martin D. (Feb 03)
- <Possible follow-ups>
- Re: Firewall Products Lee Weers (Feb 03)
- Re: Firewall Products Justin Dover (Feb 03)
- Re: Firewall Products Scholz, Greg (Feb 03)
- Re: Firewall Products David Gillett (Feb 03)
- Re: Firewall Products Gary Dobbins (Feb 03)
- Re: Firewall Products Daren Kinser (Feb 09)
- Re: Firewall Products Chris Fontaine (Feb 09)