Firewall Wizards mailing list archives
RE: using raptor as a choke router
From: "Shivdasani, Meenoo" <Meenoo_Shivdasani () NAI com>
Date: Thu, 25 Feb 1999 08:27:59 -0800
server is it wise to use something like Raptor to both act as the internal choke router and proxy? and if it aint .. like the books say, why the hell do they sell such stuff which can do both? I mean, if it is a bad thing to combine both then why should I buy something which I wont fully use ? I am confuzzed !
It depends on the needs of your specific organization. Application proxies do provide better security, but your trade-off is that you lose performance. And in some cases, an application proxy may not be able to transfer the traffic that you need to transfer. Enter the packet filtering option. Packet filters do have their uses -- on at least one product that I'm familiar with, you can use the packet filter to remove or create transparency on firewall interfaces, pass protocols for which there aren't proxies (GRE for example), and block unwanted packets from ever reaching your firewall (like the network that I have blocked because of the irritating traffic that they keep sending my direction). YMMV, M
Current thread:
- using raptor as a choke router mjd (Feb 24)
- <Possible follow-ups>
- Re: using raptor as a choke router HASSAN . KARIM (Feb 25)
- RE: using raptor as a choke router Shivdasani, Meenoo (Feb 26)