Firewall Wizards mailing list archives
RE: Air Gap VS. Firewall
From: "Paz" <ariel () sys-security com>
Date: Tue, 26 Sep 2000 17:51:13 +0200
YES! Give the man a cigar - The only real security feature you are buying with an air-gap firewall is the HTTP (or any other protocol) parsing ability. When you buy this "proxy otherwise presented" firewall you simply put more trust in the air-gap company then in another proxy level firewall. PAZ Crispin wrote: Yes, there is benefit, but that's the wrong question. There is no real difference between this description and an application proxy firewall. It's a fine design for a proxy firewall. But the snake oil alarms start going off when the vendors try to characterize them as somehow different from proxies. So while the classification of firewall types can be tedious, inspecting the difference between "air gap" firewalls and other kinds of firewalls really is nothing more than a nuance in firewall classification. Crispin _______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- Air Gap vs. firewall a burbatsky (Sep 22)
- Re: Air Gap vs. firewall Marcus J. Ranum (Sep 22)
- Re: Air Gap vs. firewall Crispin Cowan (Sep 23)
- RE: Air Gap vs. firewall Ofir Arkin (Sep 23)
- Re: Air Gap vs. firewall Joseph S D Yao (Sep 23)
- <Possible follow-ups>
- Re: Air Gap vs. firewall Steven M. Bellovin (Sep 23)
- RE: Air Gap vs. firewall David Bovee (Sep 23)
- Air Gap VS. Firewall Campbell Family (Sep 25)
- Re: Air Gap VS. Firewall Crispin Cowan (Sep 26)
- Re: Air Gap VS. Firewall Marcus J. Ranum (Sep 26)
- Re: Air Gap VS. Firewall Crispin Cowan (Sep 26)
- RE: Air Gap VS. Firewall Paz (Sep 26)