Gauntlet 6.0

[Ng Pheng Siong <ngps () post1 com>]

Hi,

While awaiting arrival of hardware to install Gauntlet 6.0 on, I've been
perusing the docu. The following come to mind:

- Is the GEMS protocol documented? What are its security properties? (GEMS
  is Gauntlet's centralised firewall management technology.) 

- Plugs-TCP redirect addressing - This appears to require static routing to
  the specific redirected address to be propagated upstream (until some
  NSP/ISP filters it out). Is this how it works? Has any one encountered a
  real-world scenario where this feature is useful?

- This Gauntlet-to-be-installed interposes a WebLogic app server and its
  clients, which are Java servlets on Internet-facing web servers. Is there
  a compelling security reason to use the plug proxy instead of packet
  filtering for the WebLogic t3/t3s protocols? (Doubtless my client's
  techies will cite performance reasons against the proxy...)

TIA for your input. Cheers.
-- 
Ng Pheng Siong <ngps () post1 com> * http://www.post1.com/home/ngps

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards