Firewall Wizards mailing list archives
Re: Evolution of Firewalls
From: Frederick M Avolio <fred () avolio com>
Date: Mon, 08 Mar 2004 15:14:46 -0500
At 02:37 PM 3/8/2004 -0500, Dave Piscitello wrote:
Lots of names for the same security functionality: examining application headers and application data streams for attacks and blocking them. You can and some vendors still do this using proxy architecture, while some use the same stateful packet inspecting methods they used to examine network protocol headers.
well, yeah but not really. That is the problem. All different names for slightly different ways of doing things. The the devil is in the difference. But some people have lost those differences in the marketing noise, if they ever understood the differences.
The most secure firewall? Probably has less to do with proxy vs. stateful inspection than policy, implementation/configuration, and the admin at the policy console.
I disagree. Both are important. The greatest policy then only gives you as much security as your security mechanisms will allow.
Fred _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Evolution of Firewalls skpoo (Mar 07)
- <Possible follow-ups>
- Re: Evolution of Firewalls Frederick M Avolio (Mar 07)
- Re: Evolution of Firewalls Dave Piscitello (Mar 08)
- Re: Evolution of Firewalls Frederick M Avolio (Mar 08)
- Re: Evolution of Firewalls Dave Piscitello (Mar 09)
- Re: Evolution of Firewalls Frederick M Avolio (Mar 09)
- Re: Evolution of Firewalls Christian Kreibich (Mar 11)
- Re: Evolution of Firewalls Dave Piscitello (Mar 08)
- Re: Evolution of Firewalls ArkanoiD (Mar 09)
- Re: Evolution of Firewalls Patrick M. Hausen (Mar 11)
- Re: Evolution of Firewalls Mikael Olsson (Mar 11)
- Message not available
- Re: Evolution of Firewalls ArkanoiD (Mar 11)
- vpn end-point Shimon Silberschlag (Mar 18)
- Re: Evolution of Firewalls Marcus J. Ranum (Mar 09)