Firewall Wizards mailing list archives
Secure Computing Sidewinder?
From: Paul Hutchings <paul () spamcop net>
Date: Sun, 8 Jun 2008 11:23:49 +0100
We currently use Microsoft ISA Server 2006 at the edge of our LAN (we have a hardware firewall in front of it at our perimeter).
The hardware it runs on is due for replacement, so I'm looking at the options as we don't use ISA for a specific set of reasons, we basically "fell" into it.
One of the options that I'm looking at is the Secure Computing Sidewinder. On paper it looks like a very nice bit of kit, and reading things such as that it's extensively used by banks and the military etc. instils a lot of confidence in the product.
I know both ISA and Sidewinder are "Application Layer" firewalls and act as proxies etc. but I'm struggling to get my head around why one might be "better" than the other, I guess I'm a little unclear on exactly what "Application Layer" means tbh despite reading various definitions?
My understanding with the Sidewinder is that the proxies receive each packet, tear it apart, inspects it, and then depending on the protocol it drops/discards anything that is dangerous, and in the case of safe content rewrites the packet and makes the connection itself it so that the source machine never connects directly to the destination, rather the connection always terminates at the Sidewinder, which makes the connection on its behalf?
I'm also struggling to understand how useful an application layer firewall is when it seemingly is never updated i.e. Microsoft ISA server?
Our requirements are pretty simple I would imagine:We want to let traffic out, with the source being restricted by IP address or Active Directory user. Mostly standard protocols such as dns/smtp/http/https/ftp where we would expect all traffic to conform to the protocol. In some instances we'll need to open port X to destination Y and would want to simply allow traffic to pass and wouldn't expect a firewall to know what the traffic is as it will be something unique to an application that we're using.
We want to allow smtp in, as well as a few specific internal websites such as Outlook Web Access etc. which use HTTPS.
I'd appreciate any input on the specifics of how the two products differ and how one might be considered "better" than the other both in terms of bottom line security, and our requirements.
cheers, Paul _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Secure Computing Sidewinder? Paul Hutchings (Jun 10)
- Re: Secure Computing Sidewinder? ArkanoiD (Jun 10)
- Re: Secure Computing Sidewinder? K K (Jun 10)
- Re: Secure Computing Sidewinder? Paul Hutchings (Jun 11)
- Re: Secure Computing Sidewinder? Paul D. Robertson (Jun 11)
- Re: Secure Computing Sidewinder? Paul Hutchings (Jun 12)
- Re: Secure Computing Sidewinder? lordchariot (Jun 13)
- Re: Secure Computing Sidewinder? Paul Hutchings (Jun 11)
- Re: Secure Computing Sidewinder? Keith A. Glass (Jun 11)
- Re: Secure Computing Sidewinder? Paul D. Robertson (Jun 11)
- Re: Secure Computing Sidewinder? K K (Jun 11)