nanog mailing list archives
Re: ACLs vs. full firewalls
From: Michael Helmeste <mhelmest () uvic ca>
Date: Tue, 07 Apr 2009 15:29:27 -0700
While there are no specific audit requirements, overall traffic auditing (not just for dropped packets) is definitely something I'm considering. One way of gathering this data without using a firewall would seem to be netflow; I don't think netflow specifically calls out (or even shows?) traffic blocked by ACLs though, which could be a point for consideration. Eric Gauthier wrote:
Michael, Do you have logging or audit requirements to your filters? We use ACLs almost everywhere for non-stateful filtering, but there are a few locations (e.g. HIPPA) that require an audit trail which is perhaps better accomplished by a firewall. Eric :) [...]
Current thread:
- ACLs vs. full firewalls Michael Helmeste (Apr 07)
- Re: ACLs vs. full firewalls Justin M. Streiner (Apr 07)
- Re: ACLs vs. full firewalls Eric Gauthier (Apr 07)
- Re: ACLs vs. full firewalls Michael Helmeste (Apr 07)
- Re: ACLs vs. full firewalls Matthew Petach (Apr 07)
- Re: ACLs vs. full firewalls Mark Smith (Apr 07)
- Re: ACLs vs. full firewalls Karl Auer (Apr 07)
- Re: ACLs vs. full firewalls Nathan Ward (Apr 07)
- Re: ACLs vs. full firewalls Karl Auer (Apr 07)
- Re: ACLs vs. full firewalls Steven M. Bellovin (Apr 07)
- Re: ACLs vs. full firewalls Karl Auer (Apr 07)
- Re: ACLs vs. full firewalls Ravi Pina (Apr 15)
- RE: ACLs vs. full firewalls TJ (Apr 15)