Firewall Wizards mailing list archives

Re: Switch ACL vs Firewall


From: "Dale W. Carder" <dwcarder () doit wisc edu>
Date: Fri, 12 May 2006 10:35:32 -0500


On May 7, 2006, at 6:48 PM, Grant Bourzikas wrote:
> Their point is that Switch
> ACL's do the same thing as firewalls

Some (most?) switch ACL implementations suffer from either
1) no logging, 2) very limited logging, or 3) logging can
affect forwarding.  You also may or may not get ACL hit
counters.  You need to find out *exactly* how these boxes
will log, and balance that with how comfortable you are
flying blind.

Dale

----------------------------------
Dale W. Carder - Network Engineer
University of Wisconsin at Madison
http://net.doit.wisc.edu/~dwcarder


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

