Firewall Wizards mailing list archives

Re: IPS vs. Firewalls

From: Gabriele Buratti <gabriele.buratti () netasq com>
Date: Fri, 03 Feb 2006 14:29:14 +0100

ArkanoiD wrote:

(I'd even say that anyone who seriously claim that IPS can replace firewall
is stupid moron with lack of understanding even security basics, and if
those people are allowed to make technical decisions your company has damn
big management problems)


I agree, but something must be added.

A pure IPS can't replace a firewall if it's doing just applicationprotocol analisys/control. You still need policies. A IPS-firewall(stateful inspection + policy + layer7 inspection) can replace andsometimes do better than a firewall (stateful inspection + policy)



        regards
        Gabriele

Attachment: gabriele.buratti.vcf
Description:

Current thread:

IPS vs. Firewalls Phil Albacore (Feb 02)
- Re: IPS vs. Firewalls ArkanoiD (Feb 02)
  - Management vs. IT staff (was: Re: IPS vs. Firewalls) Patrick M. Hausen (Feb 02)
    - Re: Management vs. IT staff (was: Re: IPS vs. Firewalls) ArkanoiD (Feb 03)
  - Re: IPS vs. Firewalls Kevin (Feb 02)
    - RE: IPS vs. Firewalls Paul Melson (Feb 07)
  - Re: IPS vs. Firewalls Gabriele Buratti (Feb 03)
- Message not available
  - Re: IPS vs. Firewalls Marcus J. Ranum (Feb 02)
    - Re: IPS vs. Firewalls (why vs. ?) Gabriele Buratti (Feb 03)
    - Re: IPS vs. Firewalls (why vs. ?) Marcus J. Ranum (Feb 07)
    - Re: IPS vs. Firewalls (why vs. ?) Dave Piscitello (Feb 07)
    - Re: IPS vs. Firewalls (why vs. ?) Gabriele Buratti (Feb 07)
    - Re: IPS vs. Firewalls (why vs. ?) Dave Piscitello (Feb 07)
    - Re: IPS vs. Firewalls (why vs. ?) Marcus J. Ranum (Feb 07)
    - Re: IPS vs. Firewalls (why vs. ?) Dave Piscitello (Feb 07)
    - Re: IPS vs. Firewalls (why vs. ?) Marcus J. Ranum (Feb 07)
    - Re: IPS vs. Firewalls (why vs. ?) Dave Piscitello (Feb 07)

(Thread continues...)