Educause Security Discussion mailing list archives

Re: PIX/AS Vs. Linux/IPtables

From: Gary Dobbins <dobbins () ND EDU>
Date: Wed, 30 Sep 2009 06:42:20 -0400

Not offhand, but I can offer this advantage over iptables (presuming you mean in-host filtration, versus using Linux as 
a standalone external filter system):  The ASA being separate reduces the chances of a mistake by a sysadmin in 
adjusting the filter, or a compromised machine being able to adjust its own filter rules.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of ron 
behrang
Sent: Tuesday, September 29, 2009 10:38 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] PIX/AS Vs. Linux/IPtables

Hello,

Does anyone know of a good paper on the merits of using PIX/ASA
instead using Linux/iptables?

Thanks
Ron

Current thread:

PIX/AS Vs. Linux/IPtables ron behrang (Sep 29)
- <Possible follow-ups>
- Re: PIX/AS Vs. Linux/IPtables Gary Dobbins (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables HALL, NATHANIEL D. (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables Justin Azoff (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables Joe Vieira (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables Gary Dobbins (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables John Ladwig (Sep 30)
- Re: PIX/AS Vs. Linux/IPtables David Gillett (Sep 30)