Firewall Wizards mailing list archives

Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name


From: "Paul D. Robertson" <proberts () patriot net>
Date: Mon, 12 Aug 2002 18:52:58 -0400 (EDT)

On Mon, 12 Aug 2002, Crispin Cowan wrote:

> Is anyone besides me sick to death of hearing about "intrusion
> prevention" and "gateway intrusion detection" technologies? These are

Buzzword of the week stuff always frustrates me.

> devices that sit in-line between the Internet and your LAN, apply
> intrusion detection pattern matching rules to the content they see
> streaming in to your site, and block the stuff they deem to be "bad."
> The canonical example being the Inline SNORT (nee Hogwash) open source
> project.
>
> To me, this is a firewall. It is sitting in exactly the same place in
> the network topology, performing the same function. It is using new
> kinds of rules to distinguish "good" traffic from "bad", but it is
> none-the-less a firewall.

I look at it as a signature-based firewall rather than a policy-based
firewall.

> "Signature Firewall" or something. But let's dispose of "intrusion
> prevention" in the tired hype bit bucket.

It's all that product differentiation stuff - how the heck are you gonna
get capital as a firewall vendor since the space is so well-carved out?

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

