Firewall Wizards mailing list archives

NT Gauntlet vs. BSD Gauntlet, Gauntlet "users"


From: Linwood Ferguson <ferguson () uvii mag aramark com>
Date: Wed, 03 Dec 1997 12:18:21 EST

This is only a semi-technical question, if not within the scope, 
apologies.

TIS has changed their licensing to allow only limited "users".
Their explanation of a "user" is any IP address protected by the
firewall.  Has anyone explored what this means from an implementation
standpoint?  I hate to think that just having PCs out there that 
receive e-mail (from an internal gateway) means they are "users".
I assume it is those who ever establish a session directly to or
from the firewall.  Is that so?  If so, is there a time frame 
involved?  Since Reboot?  Do you have to do something really awful
like list them? 

Or have they even released the code to enforce the tier structure 
yet?

[The reason for the concern is that their licensing change
retroactively affects us, as we must now choose which tier we want by 
how much we want to pay for maintenance.  I don't fault that approach
really, though it's a bit disheartening.  We have only a handful 
of users who directly touch the firewall, but hundreds of IP 
addresses inside.]

As to the other half of the question:

We are a happy Gauntlet user on BSD.  However, we now have no unix 
expertise in house (lots of VMS and NT). I've been considering 
changing our Gauntlet system from BSD to NT.  I can hear the groans
from the unix fans already, but having competency in managing the
platform must count for something.

What I'm interested in is comments on whether whatever TIS has done
to NT for that platform makes it a viable and as-secure firewall?
How about DNS (we run a split DNS now)?  Please, I've heard all the
"would you trust Bill Gates with your wife" type comments; I'm not
trying to start a holy war.  Just looking for experiences or technical
concerns.

Thanks in advance.

    - Linwood

-----------------------------------------------------------------------
Linwood Ferguson                  e-mail: ferguson () mag aramark com
Director, Software Engineering    Voice:  (US) 540/967-0087
ARAMARK Mag & Book Services             


