Firewall Wizards mailing list archives
RE: Multiple firewalls from different manufactureres
From: "Paul D. Robertson" <paul () compuwar net>
Date: Fri, 28 Jan 2005 20:20:20 -0500 (EST)
On Fri, 28 Jan 2005 MHawkins () TULLIB COM wrote:
Yes but PLA's are reprogrammable. Sort of like EPROM or EEPROM. Atleast they can be swapped out. Imagine a PCI like "security" slot that is where you plug in your "secured protocol module".
It's difficult enough getting folks to update their software.
Sure, converting an RFC into something that works in a PLA would be tough. But doable.
Who's implementation?
And actually IPSec is a great example where ASIC's have been developed to handle the algorithms along with parts of the layer 3 implementation.
It's also a great example of why doing so isn't the easiest task on the planet for a single protocol, let alone the number a firewall should deal with. When two products from the same vendor can't intercommunicate, things are not good. Take the amount of time it took to get IPSec to even work with PSKs...
Ofcourse, you would want to ensure that you could upload new code to the PLA's (or swap them out) - in a secure manner.
The more difficult it is to update, the less updating will happen.
Imagine if I could put a card into my pc that matched virus signatures instead of using all those CPU cycles having it done in software.
I can't imagine opening a PC every week to swap out cards, and it's still in software, it's just the software gets loaded on chip. You're still going to have to wait on something, no matter where you do it. I've got a better solution- change platforms, I haven't run AV software in at least a dozen years, a true zero cycle solution ;) Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Multiple firewalls from different manufactureres, (continued)
- Re: Multiple firewalls from different manufactureres Keith A. Glass (Jan 28)
- Re: Multiple firewalls from different manufactureres Joseph S D Yao (Jan 28)
- RE: Multiple firewalls from different manufactureres Hurst, Dave (Jan 28)
- RE: Multiple firewalls from different manufactureres Paul D. Robertson (Jan 28)
- RE: Multiple firewalls from different manufactureres Behm, Jeffrey L. (Jan 28)
- Re: Multiple firewalls from different manufactureres Keith A. Glass (Jan 28)
- RE: Multiple firewalls from different manufactureres MHawkins (Jan 28)
- RE: Multiple firewalls from different manufactureres Paul D. Robertson (Jan 28)
- Message not available
- RE: Multiple firewalls from different manufactureres Marcus J. Ranum (Jan 29)
- Re: Multiple firewalls from different manufactureres Keith A. Glass (Jan 28)
- RE: Multiple firewalls from different manufactureres MHawkins (Jan 28)
- RE: Multiple firewalls from different manufactureres Paul D. Robertson (Jan 28)
- Re: Multiple firewalls from different manufactureres Joseph S D Yao (Jan 29)
- RE: Multiple firewalls from different manufactureres Hurst, Dave (Jan 28)
- RE: Multiple firewalls from different manufactureres Paul D. Robertson (Jan 28)
- RE: Multiple firewalls from different manufactureres R. DuFresne (Jan 29)
- RE: Multiple firewalls from different manufactureres Paul D. Robertson (Jan 29)
- RE: Multiple firewalls from different manufactureres Paul D. Robertson (Jan 28)